To change a Cognito user's status from
we have to change their password. To change a Cognito user's password, use the
admin-set-password command, setting the
aws cognito-idp admin-set-user-password --user-pool-id YOUR_USER_POOL_ID --username email@example.com --password "cats-and-dogs-123" --permanent
The admin-set-user-password command allows us to set a user's password as an administrator.
We can set the user's password to a temporary or permanent one. If we set a
temporary password, the user's status is set to
The next time they try to log in, they will be required to change their password.
FORCE_CHANGE_PASSWORDstate gets prompted to update their password on sign-in and they don't, the challenge expires and only an admin can update their password.
By setting the
--permanent parameter in the command, we've updated the user's
To verify that the user's status has been changed to
CONFIRMED, run the
aws cognito-idp admin-get-user --user-pool-id YOUR_USER_POOL_ID --username firstname.lastname@example.org --query "UserStatus"
admin-get-user command returns information about the Cognito user.
We're only interested in the user's status, so we used the
to filter the output.
You can learn more about the related topics by checking out the following tutorials: