Prerequisites
Create WorkMail Account
Verify Email Address to be used in Cognito.
Cognito User Pool
Manage User Pools
Navigate to Cognito > Manage User Pools > Create a user pool
| Name | |
| Pool name | G53_CUP_Console |
| Attributes | |
| How do you want your end users to sign in? | Email address or phone number - Allow email address |
| Enable case insensitivity for username input | Enable |
| Which standard attributes do you want to require? | Select your applicable attributes: |
| Policies | |
| What password strength do you want to require? | Minimum length: 8; Require numbers: Checked; Require special character: Checked; Require uppercase letters: Checked; Require lowercase letters: Checked |
| Do you want to allow users to sign themselves up? | Allow users to sign themselves up |
| How quickly should temporary passwords set by administrators expire if not used? | 7 |
| MFA and verification | |
| Do you want to enable Multi-Factor Authentication (MFA)? | Off |
| How will a user be able to recover their account? | Email only |
| Which attributes do you want to verify? | |
| You must provide a role to allow Amazon Cognito to send SMS messages | Do not create role |
| Message customizations | |
| Do you want to customize your email address? | SES Region: EU (Ireland); FROM email address ARN: noreply@gateway53.com |
| Do you want to send emails through your Amazon SES Configuration? | Yes - Use Amazon SES |
| Do you want to customize your email verification messages? | Verification type: Link; Email subject: Add your applicable subject; Email message: Add your applicable message |
| Tags | |
| Do you want to add tags for this user pool? | Tag Key: G53-CUP; Tag Value: G53_CUP_Console |
| Devices | |
| Do you want to remember your user's devices? | No |
| App clients | |
| Which app clients will have access to this user pool? | Add an app client; App client name: G53_CAC_Console; Refresh token expiration (days): 30; Generate client secret: Un-check; Enable username password auth for admin APIs for authentication (ALLOW_ADMIN_USER_PASSWORD_AUTH): Un-check; Enable lambda trigger based custom authentication (ALLOW_CUSTOM_AUTH): Checked; Enable username password based authentication (ALLOW_USER_PASSWORD_AUTH): Un-check; Enable SRP (secure remote password) protocol based authentication (ALLOW_USER_SRP_AUTH): Checked; Enable refresh token based authentication (ALLOW_REFRESH_TOKEN_AUTH): Checked; Prevent User Existence Errors: Enabled; Create app client |
| Triggers | |
- Click on 'Create pool'.
- Take note of your Pool Id and App client id.
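
Once the pool exists, the console choices above can be checked for drift. The following is an added example, not part of the original guide: it audits dictionaries shaped like the `UserPool` and `UserPoolClient` objects returned by boto3's `describe_user_pool` and `describe_user_pool_client` against the password policy, auth flows and user-existence setting from the table. The function names and sample data are constructed for illustration.

```python
# Added example: compare Cognito settings with the values in the table above.
# Dicts follow the "UserPool" / "UserPoolClient" shapes returned by boto3
# cognito-idp describe_user_pool and describe_user_pool_client.
EXPECTED_FLOWS = {"ALLOW_CUSTOM_AUTH", "ALLOW_USER_SRP_AUTH", "ALLOW_REFRESH_TOKEN_AUTH"}
EXPECTED_PASSWORD_POLICY = {
    "MinimumLength": 8, "RequireNumbers": True, "RequireSymbols": True,
    "RequireUppercase": True, "RequireLowercase": True,
    "TemporaryPasswordValidityDays": 7,
}

def audit_pool(pool):
    """Return deviations of a UserPool description from the table."""
    findings = []
    policy = pool.get("Policies", {}).get("PasswordPolicy", {})
    for key, want in EXPECTED_PASSWORD_POLICY.items():
        if policy.get(key) != want:
            findings.append(f"PasswordPolicy.{key}: want {want}, got {policy.get(key)}")
    # Assumption: a missing UsernameConfiguration is treated as case sensitive.
    if pool.get("UsernameConfiguration", {}).get("CaseSensitive", True):
        findings.append("username input is case sensitive")
    if pool.get("EmailConfiguration", {}).get("EmailSendingAccount") != "DEVELOPER":
        findings.append("email is not sent through Amazon SES")
    return findings

def audit_client(client):
    """Return deviations of a UserPoolClient description from the table."""
    findings = []
    if "ClientSecret" in client:
        findings.append("app client has a client secret")
    flows = set(client.get("ExplicitAuthFlows", []))
    findings += [f"unexpected auth flow: {f}" for f in sorted(flows - EXPECTED_FLOWS)]
    findings += [f"missing auth flow: {f}" for f in sorted(EXPECTED_FLOWS - flows)]
    if client.get("PreventUserExistenceErrors") != "ENABLED":
        findings.append("PreventUserExistenceErrors is not ENABLED")
    return findings

# Constructed sample input: a pool and app client that drifted from the table.
SAMPLE_POOL = {
    "Policies": {"PasswordPolicy": dict(EXPECTED_PASSWORD_POLICY, RequireSymbols=False)},
    "UsernameConfiguration": {"CaseSensitive": False},
    "EmailConfiguration": {"EmailSendingAccount": "DEVELOPER"},
}
SAMPLE_CLIENT = {
    "ClientName": "G53_CAC_Console",
    "ExplicitAuthFlows": ["ALLOW_USER_PASSWORD_AUTH", "ALLOW_USER_SRP_AUTH",
                          "ALLOW_REFRESH_TOKEN_AUTH"],
    "PreventUserExistenceErrors": "LEGACY",
}

if __name__ == "__main__":
    for line in audit_pool(SAMPLE_POOL) + audit_client(SAMPLE_CLIENT):
        print("DRIFT:", line)
```

To run it against a live pool, pass `response["UserPool"]` and `response["UserPoolClient"]` from the two describe calls, using the Pool Id and App client id noted above.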
