Amazon Cognito provides authentication, authorization, and user management for your web and mobile apps. Your users can sign in directly with a username and password, or through a third party such as Facebook, Amazon, Google, or Apple.

We can configure Amazon Cognito in such a way that users can sign in with their email, phone, or user name. If you enable sign-in with a user name, you can set a "preferred user name" attribute (preferred_username) which will work as an alternate value for the username attribute (username).

The Cognito User accounts are added to your user pool in one of the following ways:

The user signs up in your user pool's client app, which can be a mobile or web app.

Table of Content :

You can import the user's account into your user pool. For more information, go through tutorial importing Users into User Pools From a CSV File

You can create the user's account in your user pool and invite the user to sign in. For more details, see Creating User Accounts as Administrator.

Users who sign themselves up to need to be confirmed before they can sign in. Imported and created users are already confirmed, but they need to create their password the first time they sign in. The following sections explain the confirmation process and email and phone verification.

There are many ways to confirm Cognito user, but here we will see Confirming User Accounts by User or Admin.

AWS Cognito Confirming User Accounts using Java



Maven dependencies for AWS Cognito Confirming User Accounts using Java

We need to add Maven dependencies in pom.xml file as given below: 


 
 
    	<dependency>
		    <groupId>com.amazonaws</groupId>
		    <artifactId>aws-java-sdk-core</artifactId>
		    <version>1.11.764</version>
		</dependency>

			<dependency>
		    <groupId>com.amazonaws</groupId>
		    <artifactId>aws-java-sdk-cognitoidp</artifactId>
		    <version>1.11.764</version>
          </dependency>


		<dependency>
		    <groupId>com.amazonaws</groupId>
		    <artifactId>aws-java-sdk</artifactId>
		    <version>1.11.360</version>
		</dependency>

Create CognitoClient Instance 


  public static AWSCognitoIdentityProvider getAWSCognitoIdentityClient() {
	System.setProperty("aws.accessKeyId", "-- your accessKey Id--");
	System.setProperty("aws.secretKey", "-- your secret Key--");
	AWSCognitoIdentityProvider cognitoClient = AWSCognitoIdentityProviderClientBuilder.standard().withRegion(Regions.AP_SOUTH_1).withCredentials(new SystemPropertiesCredentialsProvider()).build();
	return client;
}

Confirming User Accounts by Admin in AWS Cognito using Java 


public static void confirmUserByAdmin(String username) {
	try {
		final AWSCognitoIdentityProvider client = getAWSCognitoIdentityClient();

		AdminConfirmSignUpRequest adminConfirmSignUpRequest = new    				  AdminConfirmSignUpRequest().withUserPoolId(userPoolId).withUsername(username);
		AdminConfirmSignUpResult result = provider.adminConfirmSignUp(adminConfirmSignUpRequest);
		System.out.println("the cognito user confirmed successfully");

		AttributeType userAttributeEmailVerified = new AttributeType().withName("email_verified").withValue("true");
		AdminUpdateUserAttributesRequest adminUpdateUserAttributesRequest = new AdminUpdateUserAttributesRequest().
		withUsername(username).withUserPoolId(userPoolId).
		withUserAttributes(userAttributeEmailVerified);

		AdminUpdateUserAttributesResult resultUpdateAttr = provider.adminUpdateUserAttributes(adminUpdateUserAttributesRequest);
		System.out.println("the cognito email verified successfully.");
	} catch(Exception ex) {
		System.out.println("Exception occured during confirming the user"+ex);
	}
}

Confirming User Accounts by User in AWS Cognito

The Cognito user can confirm themself using credentials and confirmation code received on their email.


public static void confirmUser(String username, String confirmationCode) {
	try {
		final AWSCognitoIdentityProvider client = getAWSCognitoIdentityClient();

		ConfirmSignUpRequest adminConfirmSignUpRequest = new ConfirmSignUpRequest().withConfirmationCode(confirmationCode).withUsername(username);
		ConfirmSignUpResult result = provider.confirmSignUp(adminConfirmSignUpRequest);
		System.out.println("the cognito user Confirmed successfully.");

		AttributeType userAttributeEmailVerified = new AttributeType().withName("email_verified").withValue("true");
		AdminUpdateUserAttributesRequest adminUpdateUserAttributesRequest = new AdminUpdateUserAttributesRequest().
		withUsername(username).withUserPoolId(userPoolId).
		withUserAttributes(userAttributeEmailVerified);

		AdminUpdateUserAttributesResult resultUpdateAttr = provider.adminUpdateUserAttributes(adminUpdateUserAttributesRequest);
		System.out.println("Email Verified successfully");
	} catch(Exception ex) {
		System.out.println("Exception occured during confirming the user" + ex);
	}
}

Articles/Questions related to AWS Cognito Confirming User Accounts using Java

Create a Cognito user pool in AWS Console | Set up an Amazon Cognito user pool
AWS Cognito Change User password Using Java
AWS Cognito SignUp and SignIn Example Using Java
AWS Cognito TOTP Software Token MFA Using Java
AWS Cognito Change User Email for Phone using Java
AWS Cognito Reset User MFA Using Java
AWS Cognito Enable SMS MFA Using Java
AWS Cognito Change User Email for Phone using Java
How to list all Amazon Cognito Users using Java
AWSCognitoIdentityProvider Method Example for Cognito User Pools API

How do I verify a user in Cognito?

To verify a user in Cognito , we need to call the SignUp API action, and provide the email address and phone number for the UserAttributes parameter.After this, Amazon Cognito sends a verification code to the user's phone. In your app interface, present a confirmation page where the user enters the verification code.

In this article, we have seen AWS Cognito Confirming User Accounts using Java. All source code in the article can be found in the GitHub repository.