how do you check the privacy settings of cognito accounts?

June 19, 2022 / 1 minute of reading

There is no simple way here. Currently this information is not provided with the ListUsers action and so the only thing you can do is to ask for details of one specific user. If MFA is enabled and user set his/her preferences, you will see the following field in AdminGetUser action: PreferredMfaSetting with values SOFTWARE_TOKEN_MFA or SMS_MFA.

So:

aws cognito-idp admin-get-user --user-pool-id <value> --username <value>

The output may look something like this:

{
    "Username": "[email protected]",
    "UserAttributes": [
        {
            "Name": "sub",
            "Value": "121b7a6d-2303-4d68-997a-28fa061f66d9"
        },
        {
            "Name": "email_verified",
            "Value": "true"
        },
        {
            "Name": "phone_number_verified",
            "Value": "true"
        },
        {
            "Name": "phone_number",
            "Value": "+1234567890"
        },
        {
            "Name": "email",
            "Value": "[email protected]"
        }
    ],
    "UserCreateDate": "2020-11-07T12:00:43.722000+00:00",
    "UserLastModifiedDate": "2020-11-07T12:14:26.918000+00:00",
    "Enabled": true,
    "UserStatus": "CONFIRMED",
    "PreferredMfaSetting": "SOFTWARE_TOKEN_MFA",
    "UserMFASettingList": [
        "SMS_MFA",
        "SOFTWARE_TOKEN_MFA"
    ]
}

CLICK HERE to find out more related problems solutions.

Leave a Comment

Your email address will not be published.

Scroll to Top