Hosted UI endpoints reference - Amazon Cognito
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Hosted UI endpoints reference

Amazon Cognito activates the hosted UI endpoints in this section when you add a domain to your user pool. They are webpages where your users can complete the core authentication operations of a user pool. They include pages for password management, multi-factor authentication (MFA), and attribute verification. For more information about the user experience in the hosted UI, see Signing up and signing in with the hosted UI.

The webpages that make up the hosted UI are a front-end web application for interactive user sessions with your customers. Your app must invoke the hosted UI in your users' browsers. Amazon Cognito doesn't support programmatic access to the webpages in this chapter. Those federation endpoints in the OAuth 2.0, OpenID Connect, and SAML 2.0 federation endpoints reference that return a JSON response can be queried directly in your app code. The Authorize endpoint redirects either to the hosted UI or to an IdP sign-in page and also must be opened in users' browsers.

All user pool endpoints accept traffic from IPv4 and IPv6 source IP addresses.

The topics in this guide describe frequently-used hosted UI endpoints in detail. Amazon Cognito makes the webpages that follow available when you assign a domain to your user pool.

Hosted UI endpoints
Endpoint URL Description How it's accessed
https://Your user pool domain/login Signs in user pool local and federated users.

Redirect from endpoints like Authorize endpoint, /logout, and /confirmforgotPassword. See Login endpoint.
https://Your user pool domain/logout Signs out user pool users.

Direct link. See Logout endpoint.
https://Your user pool domain/confirmUser Confirms users who have selected an email link to verify their user account.

User selected link in an email message.
https://Your user pool domain/signup Signs up a new user. The /login page directs your user to /signup when they select Sign up.

Direct link with same parameters as /oauth2/authorize.
https://Your user pool domain/confirm After your user pool sends a confirmation code to a user who signed up, prompts your user for the code.

Redirect-only from /signup.
https://Your user pool domain/forgotPassword Prompts your user for their user name and sends a password-reset code. The /login page directs your user to /forgotPassword when they select Forgot your password?.

  1. From Forgot password link at /login.

  2. Direct link with same parameters as /oauth2/authorize.
https://Your user pool domain/confirmforgotPassword Prompts your user for their password-reset code and a new password. The /forgotPassword page directs your user to /confirmforgotPassword when they select Reset your password. Redirect-only from /forgotPassword.
https://Your user pool domain/resendcode Sends a new confirmation code to a user who has signed up in your user pool.

Redirect-only from Send a new code link at /confirm.
Topics