Closed ghost closed 3 years ago
If you are wanting to enable sign up MFA to be phone number, you should not choose the Default configuration and should instead choose the Manual configuration when creating the authentication service.
In the configuration process, be sure to choose: Email based user registration/forgot password: Disabled (Uses SMS/TOTP as an alternative)
Here are all of the steps I'd recommend using to set this up:
amplify add auth
Do you want to use the default authentication and security configuration? Manual configuration
Select the authentication/authorization services that you want to use: User Sign-Up, Sign-In, connected with AWS IAM controls (Enables per-user Storage features for images or other content, Analytics, and more)
Please provide a friendly name for your resource that will be used to label this category in the project: testapp25f80ba925f80ba9
Please enter a name for your identity pool. testapp25f80ba9_identitypool_25f80ba9
Allow unauthenticated logins? (Provides scoped down permissions that you can control via AWS IAM) No
Do you want to enable 3rd party authentication providers in your identity pool? No
Please provide a name for your user pool: testapp25f80ba9_userpool_25f80ba9
Warning: you will not be able to edit these selections.
How do you want users to be able to sign in? Phone Number
Do you want to add User Pool Groups? No
Do you want to add an admin queries API? No
Multifactor authentication (MFA) user login options: OFF
Email based user registration/forgot password: Disabled (Uses SMS/TOTP as an alternative)
Please specify an SMS verification message: Your verification code is {####}
Do you want to override the default password policy for this User Pool? No
Warning: you will not be able to edit these selections.
What attributes are required for signing up? Email
Specify the app's refresh token expiration period (in days): 30
Do you want to specify the user attributes this app can read and write? No
Do you want to enable any of the following capabilities?
Do you want to use an OAuth flow? No
? Do you want to configure Lambda Triggers for Cognito? No
From there, you should be good to go.
If you are still running into issues, check out this troubleshooting guide: https://aws.amazon.com/premiumsupport/knowledge-center/cognito-troubleshoot-mfa-sms-delivery/
Please let us know if this does not resolve your issue.
Hello @dabit3
I don't want to use MFA for future sign in attempt. I select it as optional just because selecting Phone Number for Which attributes do you want to verify? gives an error when I try to save the changes. I only want to verify the phone number.
I see that you selected Email as an answer to What attributes are required for signing up?. However, we do not require email, but instead we need first name (i.e., given_name
) , last name (i.e., family_name
), and phone number (i.e., phone_number
). Do I need to choose Email
as well?
amplify add auth
Using service: Cognito, provided by: awscloudformation
The current configured provider is Amazon Cognito.
Do you want to use the default authentication and security configuration? Manual configuration
Select the authentication/authorization services that you want to use: User Sign-Up, Sign-In, connected with AWS IAM controls (Enables per-user Storage features for images or other content, Analytics, and more)
Please provide a friendly name for your resource that will be used to label this category in the project: myapp
Please enter a name for your identity pool. myappidpool
Allow unauthenticated logins? (Provides scoped down permissions that you can control via AWS IAM) No
Do you want to enable 3rd party authentication providers in your identity pool? No
Please provide a name for your user pool: myappuserpool
Warning: you will not be able to edit these selections.
How do you want users to be able to sign in? Phone Number
Do you want to add User Pool Groups? No
Do you want to add an admin queries API? No
Multifactor authentication (MFA) user login options: OFF
Email based user registration/forgot password: Disabled (Uses SMS/TOTP as an alternative)
Please specify an SMS verification message: Your verification code is {####}
Do you want to override the default password policy for this User Pool? No
Warning: you will not be able to edit these selections.
What attributes are required for signing up? Family Name (This attribute is not supported by Login With Amazon.), Given Name (This attribute is no
t supported by Login With Amazon.), Phone Number (This attribute is not supported by Facebook, Login With Amazon.)
Specify the app's refresh token expiration period (in days): 30
Do you want to specify the user attributes this app can read and write? No
Do you want to enable any of the following capabilities?
Do you want to use an OAuth flow? No
? Do you want to configure Lambda Triggers for Cognito? No
Then:
amplify push
Here'r are the logs after I signed up using the signUp
function in the first comment:
user confirmed: false
code delivery details: {"AttributeName": "phone_number", "DeliveryMedium": "SMS", "Destination": "+********1003"}
I unfortunately did not receive the SMS text.
I followed exactly the same steps I described in my issue with my friend's AWS account, and it worked. The SMS has been sent successfully. Therefore, I thought that there was something wrong with my AWS account. I created a new AWS account, and without making any addition, I created an amplify project with my new AWS account using eu-central-1 (Frankfurt). To my best surprise, it failed again.
The user has been created successfully, showing that the Code Delivery Options is SMS, and yet nothing has been sent.
I have no clue how I can diagnose it.
Try to increase the SNS limit in the eu-west-1
region.
Cognito is sending SMS messages from the eu-west-1
region for resources located at eu-central-1
.
This applies to other few regions as well: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html
@dabit3 I suggest putting this information in the documentation to avoid misunderstanding.
Good luck!
@yonatanganot I will try it out, however, I do not understand why I need to increate the SNS limit when I have not sent even a single SMS. Additionally, sending SMS works well with my friends' AWS Account for the same project and same amplify setup.
As I mentioned above, I created a brand-new AWS Account for myself, and it did not work there too. How would I have hit the limit without sending a single SMS?
Hello,
I would like to inform that I have sent the SMS verification successfully using the same region and AWS account with Serverless Framework
Did you check the CloudWatch logs of the Lambda functions?(CreateAuthChallenge
and DefineAuthChallenge
).
They might have an error during the invocation.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
This issue has been automatically closed because of inactivity. Please open a new issue if are still encountering problems.
This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.
Looking for a help forum? We recommend joining the Amplify Community Discord server *-help
channels or Discussions for those types of questions.
Describe the bug
Phone verification is not sent after the user signs up.
Detailed Description and Steps to Reproduce
I'm using
aws-amplify
for my React Native project. I want to sign users with phone number and send SMS immediately after they sign up. I tried to do that usingeu-central-1 (Frankfurt)
,us-east-1 (N. Virginia)
, andeu-west-2 (London)
. Although I see that the user is created successfully, I was not able to send even one SMS at all. After searching for similar questions, though I have never sent SMS, I did request for SMS quota increase. I was not able to find the problem, and hence I'm literally describing all the steps:amplify add auth
Here's are the answers to the questions asked after issuing
amplify add auth
:AWS Cognito Console
And the process completes after that last question. Then I push the local resources and provision it in the cloud by running
amplify push
. Afterwards, I get on Cognito console, and choose the User Pool that I just created. From General Setting ❯ MFA and verifications, I make the following changes:and save the changes.
Here is the code for signing up:
Here is the log statement for
response.codeDeliveryDetails
:aws-exports.js
Here is the whole content for
aws-exports.js
file:What I expect is that after the user is created, the phone number receives the code for phone number verification. I also tried to resend it by executing
Auth.resendSignUp
, but I have never received the code.I do not have any issue with signal strength, and tried it with other phones and AWS regions as well.
Environment
``` Binaries: Node: 12.16.3 - ~/.nvm/versions/node/v12.16.3/bin/node Watchman: 4.9.0 - /usr/local/bin/watchman Browsers: Chrome: 88.0.4324.192 Safari: 14.0.3 npmGlobalPackages: @aws-amplify/cli: 4.44.0 ```