interface MfaSecondFactor
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Cognito.MfaSecondFactor |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awscognito#MfaSecondFactor |
 Java | software.amazon.awscdk.services.cognito.MfaSecondFactor |
 Python | aws_cdk.aws_cognito.MfaSecondFactor |
 TypeScript (source) | aws-cdk-lib » aws_cognito » MfaSecondFactor |
The different ways in which a user pool can obtain their MFA token for sign in.
Example
new cognito.UserPool(this, 'myuserpool', {
// ...
mfa: cognito.Mfa.REQUIRED,
mfaSecondFactor: {
sms: true,
otp: true,
email: false, // email-based MFA
},
});
Properties
| Name | Type | Description |
|---|---|---|
| otp | boolean | The MFA token is a time-based one time password that is generated by a hardware or software token. |
| sms | boolean | The MFA token is sent to the user via SMS to their verified phone numbers. |
| email? | boolean | The MFA token is sent to the user via EMAIL. |
otp
Type:
boolean
The MFA token is a time-based one time password that is generated by a hardware or software token.
sms
Type:
boolean
The MFA token is sent to the user via SMS to their verified phone numbers.
email?
Type:
boolean
(optional, default: false)
The MFA token is sent to the user via EMAIL.
To enable email-based MFA, set email property to the Amazon SES email-sending configuration
and set feturePlan to FeaturePlan.ESSENTIALS or FeaturePlan.PLUS