Cognito - Emails not being sent after importing users

0
votes

I have imported a csv file with users in an AWS Cognito User Pool. The users have email addresses with the email_verified attribute checked as TRUE and the phone_verified attribute checked as FALSE. The import job is successful, however, no email is being automatically sent out to the users with a reset code. I have looked into the AWS documentation and it states:

In order for users to reset their passwords, they must have a verified email or phone number. Amazon Cognito sends a message containing a reset password code to the email or phone number specified in the .csv file. If the message is sent to the phone number, it is sent via SMS.

Would this be an issue with the User Import role? I am using a role that was automatically created by the import job.

Here is my csv, just an example:

cognito:username,name,given_name,family_name,middle_name,nickname,preferred_username,profile,picture,website,email,email_verified,gender,birthdate,zoneinfo,locale,phone_number,phone_number_verified,address,updated_at,cognito:mfa_enabled

John,John,John,Doe,,,,,,,[email protected],TRUE,,,,,,FALSE,,,FALSE

2
amazon-web-servicesamazon-cognito

2 Answers

3
votes

First of all, why you made the cognito:mfa_enabled but the user's mobile phones are unverified?

All users need to set their password, as Cognito does not allow password imports. And for this, you need to assign true to RESET_REQUIRED.

If you have small number of users you can reset the user's password through the web console: click on the user and the option is on the top. Or alternatively, you can use the AWS CLI as described here.

Reseting Passwords If you have a large number of users and you don't want to press the 'Reset Password' (obviously), you need to have a web application/API to do this for you. Because every time the user wants to reset the password, she will get a confirmation code from Cognito. You need to have a work flow in place.

After you have the above work flow working, you need to get the list of usernames using the Cognito API, put it in a List, and then send a request one by one.

Also, in Python you could use Boto, read about reseting user passwords as an admin.

1
votes

Just to put this here; Import creation job won't send email notification.
You've implemented a nice way to achieve your goal.