Change User Status from FORCE_CHANGE_PASSWORD in Cognito

# Change User Status from FORCE_CHANGE_PASSWORD in Cognito

To change a Cognito user's status from FORCE_CHANGE_PASSWORD to CONFIRMED, we have to change their password. To change a Cognito user's password, use the admin-set-password command, setting the --permanent parameter.

Copied!
aws cognito-idp admin-set-user-password --user-pool-id YOUR_USER_POOL_ID --username john@gmail.com --password "cats-and-dogs-123" --permanent

The admin-set-user-password command allows us to set a user's password as an administrator.

We can set the user's password to a temporary or permanent one.

If we set a temporary password, the user's status is set to FORCE_CHANGE_PASSWORD.

The next time they try to log in, they will be required to change their password.

By setting the --permanent parameter in the command, we've updated the user's status from FORCE_CHANGE_PASSWORD to CONFIRMED.

To verify that the user's status has been changed to CONFIRMED, run the admin-get-user command.

Copied!
aws cognito-idp admin-get-user --user-pool-id YOUR_USER_POOL_ID --username john@gmail.com --query "UserStatus"

The admin-get-user command returns information about the Cognito user.

We're only interested in the user's status, so we used the --query parameter to filter the output.

# Additional Resources

You can learn more about the related topics by checking out the following tutorials:

• AWS Cognito & Amplify Auth - Bad, Bugged, Baffling
• AWS Amplify Auth with React - complete tutorial
• User Pool Attributes in AWS Cognito - Complete Guide
• AWS CDK Tutorial for Beginners - Step-by-Step Guide
• How to use Parameters in AWS CDK