Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS::Cognito::UserPoolClient - Devices #448

Closed
brainstorm opened this issue Apr 17, 2020 · 6 comments
Closed

AWS::Cognito::UserPoolClient - Devices #448

brainstorm opened this issue Apr 17, 2020 · 6 comments
Labels
security identity compliance IAM, Cognito, Secrets Manager, GuardDuty, etc.
Projects
coverage-roadmap

Comments

@brainstorm
Copy link

brainstorm commented Apr 17, 2020
edited

1. Title

AWS::Cognito::UserPoolClient-Devices-Always/User Opt-In/No

2. Scope of request

Coverage of CRUD actions on the Cognito User Pool Client's "Remember Devices" attribute, which is not yet available via CloudFormation

5. Helpful Links to speed up research and evaluation

This is a followup on AWS CDK issue aws/aws-cdk#7245 for Web Console's UserPool->General Settings->Devices, a.k.a:

"Do you want to remember your user's devices?"

Skärmavbild 2020-04-17 kl 22 20 27
@brainstorm brainstorm mentioned this issue Apr 29, 2020
Open
@luiseduardocolon luiseduardocolon added the security identity compliance IAM, Cognito, Secrets Manager, GuardDuty, etc. label May 8, 2020
@cmckni3
Copy link

cmckni3 commented Aug 13, 2020
edited

Isn't this already available under DeviceConfiguration?

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-deviceconfiguration.html#cfn-cognito-userpool-deviceconfiguration-challengerequiredonnewdevice

Always, MFA Yes

DeviceConfiguration:
  ChallengeRequiredOnNewDevice: true

Always, MFA No

DeviceConfiguration:
  ChallengeRequiredOnNewDevice: false
  DeviceOnlyRememberedOnUserPrompt: false

User Opt In, MFA No

DeviceConfiguration:
  DeviceOnlyRememberedOnUserPrompt: true

User Opt In, MFA Yes

DeviceConfiguration:
  DeviceOnlyRememberedOnUserPrompt: true
  ChallengeRequiredOnNewDevice: true

No

Omit DeviceConfiguration

This domain modeling drives me nuts (see also AccountRecoverySetting). Way more difficult and confusing than it should be in my opinion. Maybe Cognito team is planning for features that may/may not happen. No idea.

@bensie
Copy link

bensie commented Aug 29, 2020

@cmckni3 Thanks for supplying all the permutations for this! Such a frustrating API.

@cmckni3 cmckni3 mentioned this issue Oct 14, 2020
Closed
@ayozemr
Copy link

ayozemr commented Nov 13, 2020

Thanks for the help. I was looking for the "No" option

@codelogn
Copy link

Saved my cloudformation. Thank you.

@wascou
Copy link

wascou commented Jun 5, 2021

Thanks for comfirming the solution I was about to implement..
A complementary blog post on how to use that , if required : https://aws.amazon.com/fr/blogs/mobile/tracking-and-remembering-devices-using-amazon-cognito-your-user-pools/

@WaelA WaelA changed the title AWS::Cognito::UserPoolClient-Devices AWS::Cognito::UserPoolClient - Devices Aug 4, 2021
@cfn-github-issues-bot cfn-github-issues-bot added this to Researching in coverage-roadmap Aug 17, 2021
@cfn-github-issues-bot cfn-github-issues-bot moved this from Researching to Coming Soon in coverage-roadmap Aug 28, 2021
@timwhunt
Copy link

Thanks from the Cognito team for the feedback. We have updated our documentation to clarify the device configuration settings

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-deviceconfiguration.html

@cfn-github-issues-bot cfn-github-issues-bot moved this from Coming Soon to Shipped in coverage-roadmap Jul 21, 2022
@xronz xronz mentioned this issue Oct 2, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
security identity compliance IAM, Cognito, Secrets Manager, GuardDuty, etc.
Projects
coverage-roadmap
  
Shipped
Milestone
No milestone
Development

No branches or pull requests
9 participants
@bensie @brainstorm @cmckni3 @wascou @luiseduardocolon @codelogn @timwhunt @ayozemr @cfn-github-issues-bot