Skip to content

Additional step to receive OTP just after SMS MFA enables (not for marking the phone number as verified). #14159

New issue
New issue
Open
Open
Additional step to receive OTP just after SMS MFA enables (not for marking the phone number as verified).#14159
Labels
AuthRelated to Auth components/categoryfeature-requestRequest a new feature
@UdithWijegunavardhana

Description

@UdithWijegunavardhana
UdithWijegunavardhana
opened on Jan 23, 2025

Is this related to a new or existing framework?

React, React Native

Is this related to a new or existing API?

Authentication

Is this related to another service?

Cognito MFA

Describe the feature you'd like to request

I'm working with MFA for couple of weeks and implemented the SMS MFA for the client application. There are some additional requirement form the client to add another step to receive and enter the OTP just after enabling MFA for better sense for the users.

The current flow of enabling MFA according to your documentations is just only enables MFA status by calling updateMFAPreference({ sms: 'ENABLED' }) , and it not provides such kind of step to receive the code. (Correct me if I'm wrong and if it has such kind of way)

To receive the code we need to sign-out the user and sign-in back by calling signIn({ username: values.email, password: values.password })

I tried various ways to trigger this and get the code by calling signIn({ username: values.email, password: values.password }) again, adding some post auth Lambda triggers as well. But I'm still unable to match the functionality with the requirement.

This is not just to be verified the phone number. The additional step is required by the client each and every time when user enabling MFA. It may be whether the phone number verified or not.

Describe the solution you'd like

We' would like and suggest you to have optional nextStep to updateMFAPreference method that can be managed according to the user needs to receive OTP code just after enabling MFA, just like doing in signIn method:
const { isSignedIn, nextStep } = await signIn({ username: values.email, password: values.password })

Describe alternatives you've considered

I tried various ways to trigger this and get the code by calling signIn({ username: values.email, password: values.password }) again, adding some post auth Lambda triggers as well.

Additional context

No response

Is this something that you'd be interested in working on?

  • 👋 I may be able to implement this feature request
  • ⚠️ This feature might incur a breaking change

Metadata

Metadata

Assignees

No one assigned

    Labels

    AuthRelated to Auth components/categoryfeature-requestRequest a new feature

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions