tessl/npm-aws-amplify--auth
Authentication category of AWS Amplify providing APIs and building blocks for creating authentication experiences with Amazon Cognito
—
Pending
Quality
Pending
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Securityby
Pending
The risk profile of this skill
authentication-lifecycle.mddocs/
Authentication Lifecycle
Core authentication operations for user registration, sign-in, confirmation, and sign-out using Amazon Cognito.
Sign Up
Register a new user with Amazon Cognito User Pool.
function signUp(input: SignUpInput): Promise<SignUpOutput>;
interface SignUpInput {
username: string;
password?: string;
options?: {
userAttributes?: Record<UserAttributeKey, string>;
validationData?: Record<string, string>;
clientMetadata?: Record<string, string>;
autoSignIn?: SignInOptions | boolean;
};
}
interface SignUpOutput {
isSignUpComplete: boolean;
nextStep: {
signUpStep: 'CONFIRM_SIGN_UP' | 'COMPLETE_AUTO_SIGN_IN' | 'DONE';
codeDeliveryDetails?: CodeDeliveryDetails;
};
userId?: string;
}Usage Example
import { signUp } from "@aws-amplify/auth";
const { isSignUpComplete, nextStep, userId } = await signUp({
username: "user@example.com",
password: "TempPassword123!",
options: {
userAttributes: {
email: "user@example.com",
name: "John Doe",
phone_number: "+12345678901"
}
}
});
if (nextStep.signUpStep === 'CONFIRM_SIGN_UP') {
// User needs to confirm with verification code
console.log(`Code sent to: ${nextStep.codeDeliveryDetails?.destination}`);
}Confirm Sign Up
Confirm user registration with verification code received via email or SMS.
function confirmSignUp(input: ConfirmSignUpInput): Promise<ConfirmSignUpOutput>;
interface ConfirmSignUpInput {
username: string;
confirmationCode: string;
clientMetadata?: Record<string, string>;
}
interface ConfirmSignUpOutput {
isSignUpComplete: boolean;
nextStep: {
signUpStep: 'COMPLETE_AUTO_SIGN_IN' | 'DONE';
};
}Usage Example
import { confirmSignUp } from "@aws-amplify/auth";
const { isSignUpComplete } = await confirmSignUp({
username: "user@example.com",
confirmationCode: "123456"
});
if (isSignUpComplete) {
console.log("User registration confirmed successfully");
}Resend Sign Up Code
Resend the verification code for user registration confirmation.
function resendSignUpCode(input: ResendSignUpCodeInput): Promise<ResendSignUpCodeOutput>;
interface ResendSignUpCodeInput {
username: string;
clientMetadata?: Record<string, string>;
}
interface ResendSignUpCodeOutput {
destination?: string;
deliveryMedium?: 'EMAIL' | 'SMS';
attributeName?: string;
}Usage Example
import { resendSignUpCode } from "@aws-amplify/auth";
const codeDelivery = await resendSignUpCode({
username: "user@example.com"
});
console.log(`New code sent to: ${codeDelivery.destination}`);Sign In
Authenticate a user with Amazon Cognito User Pool.
function signIn(input: SignInInput): Promise<SignInOutput>;
interface SignInInput {
username: string;
password?: string;
options?: {
authFlowType?: AuthFlowType;
clientMetadata?: Record<string, string>;
preferredChallenge?: AuthFactorType;
};
}
type AuthFlowType =
| 'USER_AUTH'
| 'USER_SRP_AUTH'
| 'CUSTOM_WITH_SRP'
| 'CUSTOM_WITHOUT_SRP'
| 'USER_PASSWORD_AUTH';
interface SignInOutput {
isSignedIn: boolean;
nextStep: {
signInStep:
| 'CONFIRM_SIGN_IN_WITH_SMS_CODE'
| 'CONFIRM_SIGN_IN_WITH_EMAIL_CODE'
| 'CONFIRM_SIGN_IN_WITH_TOTP_CODE'
| 'CONTINUE_SIGN_IN_WITH_MFA_SELECTION'
| 'CONTINUE_SIGN_IN_WITH_TOTP_SETUP'
| 'CONFIRM_SIGN_IN_WITH_CUSTOM_CHALLENGE'
| 'CONFIRM_SIGN_IN_WITH_NEW_PASSWORD_REQUIRED'
| 'RESET_PASSWORD'
| 'DONE';
codeDeliveryDetails?: CodeDeliveryDetails;
missingAttributes?: UserAttributeKey[];
availableChallenges?: AuthFactorType[];
};
}
type AuthFactorType = 'WEB_AUTHN' | 'EMAIL_OTP' | 'SMS_OTP';Usage Example
import { signIn } from "@aws-amplify/auth";
const { isSignedIn, nextStep } = await signIn({
username: "user@example.com",
password: "MyPassword123!"
});
if (isSignedIn) {
console.log("User signed in successfully");
} else if (nextStep.signInStep === 'CONFIRM_SIGN_IN_WITH_SMS_CODE') {
// Handle MFA challenge
console.log("SMS code required for MFA");
}Confirm Sign In
Complete the sign-in process when additional challenges are required (MFA, custom challenges, etc.).
function confirmSignIn(input: ConfirmSignInInput): Promise<ConfirmSignInOutput>;
interface ConfirmSignInInput {
challengeResponse: string;
options?: {
userAttributes?: Record<UserAttributeKey, string>;
clientMetadata?: Record<string, string>;
friendlyDeviceName?: string;
};
}
interface ConfirmSignInOutput {
isSignedIn: boolean;
nextStep: {
signInStep:
| 'CONFIRM_SIGN_IN_WITH_SMS_CODE'
| 'CONFIRM_SIGN_IN_WITH_EMAIL_CODE'
| 'CONFIRM_SIGN_IN_WITH_TOTP_CODE'
| 'CONTINUE_SIGN_IN_WITH_MFA_SELECTION'
| 'CONTINUE_SIGN_IN_WITH_TOTP_SETUP'
| 'CONFIRM_SIGN_IN_WITH_CUSTOM_CHALLENGE'
| 'CONFIRM_SIGN_IN_WITH_NEW_PASSWORD_REQUIRED'
| 'RESET_PASSWORD'
| 'DONE';
codeDeliveryDetails?: CodeDeliveryDetails;
missingAttributes?: UserAttributeKey[];
availableChallenges?: AuthFactorType[];
};
}Usage Example
import { confirmSignIn } from "@aws-amplify/auth";
// Confirm with SMS MFA code
const { isSignedIn } = await confirmSignIn({
challengeResponse: "123456"
});
if (isSignedIn) {
console.log("Sign in completed successfully");
}Auto Sign In
Automatically sign in a user after successful registration when auto sign-in is enabled.
function autoSignIn(): Promise<SignInOutput>;Usage Example
import { signUp, autoSignIn } from "@aws-amplify/auth";
// During sign up with auto sign-in enabled
await signUp({
username: "user@example.com",
password: "TempPassword123!",
autoSignIn: { enabled: true }
});
// After confirming sign up, auto sign in
const { isSignedIn } = await autoSignIn();
if (isSignedIn) {
console.log("User automatically signed in");
}Sign Out
Sign out the current user and clear authentication tokens.
function signOut(input?: SignOutInput): Promise<void>;
interface SignOutInput {
global?: boolean;
}Usage Example
import { signOut } from "@aws-amplify/auth";
// Sign out locally
await signOut();
// Global sign out (signs out from all devices)
await signOut({ global: true });
console.log("User signed out successfully");