AWS::Cognito::UserPool AccountRecoverySetting - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::Cognito::UserPool AccountRecoverySetting

The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{ "RecoveryMechanisms" : [ RecoveryOption, ... ] }

Properties

RecoveryMechanisms

The list of options and priorities for user message delivery in forgot-password operations. Sets or displays user pool preferences for email or SMS message priority, whether users should fall back to a second delivery method, and whether passwords should only be reset by administrators.

Required: No

Type: Array of RecoveryOption

Minimum: 1

Maximum: 2

Update requires: No interruption