I'm new to AWS and I'm looking for a way to allow the users of my Android app to change their emails without going through the verification process (I managed to do it for the subscription).
I tried to follow this and this, and here is what I did.
In my Android app:
public void onClickChangeEmail(View view)
{
CognitoUserAttributes attributes = new CognitoUserAttributes();
attributes.getAttributes().put("email", "[email protected]");
CognitoSettings
.getCognitoUserPool(MainActivity.this)
.getCurrentUser()
.updateAttributesInBackground(attributes, new UpdateAttributesHandler()
{
@Override
public void onSuccess(List<CognitoUserCodeDeliveryDetails> attributesVerificationList)
{
Log.i("tag", "Email updated!");
}
@Override
public void onFailure(Exception e)
{
e.printStackTrace();
}
});
}
Then, in my AWS console, I added a trigger in Cognito on Custom message, and here is my lambda function, which is triggered everytime a user updates his email:
const AWS = require('aws-sdk')
AWS.config.update({region: 'eu-central-1'});
exports.handler = (event, context, callback) => {
if (event.triggerSource === 'CustomMessage_UpdateUserAttribute')
{
const params = {
UserAttributes: [
{
Name: 'email_verified',
Value: 'true',
},
],
UserPoolId: event.userPoolId,
Username: event.userName,
};
var cognitoIdServiceProvider = new AWS.CognitoIdentityServiceProvider();
cognitoIdServiceProvider.adminUpdateUserAttributes(params, function(err, data) {
if (err) context.done(err, event); // an error occurred
else context.done(null, event); // successful response
});
}
else
{
context.done(null, event);
}
};
The result is: the email is properly updated (but it works whithout the lambda), but the lambda crashes, with the following error:
autoValidationUserEmailModification is not authorized to perform: cognito-idp:AdminUpdateUserAttributes
So it looks like an authorization is missing.
My questions are:
- How can I fix the authorization part?
- Is that method the right way to disable email verification on updating user email?
Thanks for your help.
autoValidationUserEmailModification
is your function name? – hoangdv