Email one-time password to users created with API or CLI - Amazon IAM Identity Center
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Email one-time password to users created with API or CLI

When you create users with the CreateUser API operation or the create-user CLI command, the users don't have passwords. You can update the settings in IAM Identity Center to send these users a verification email after their first attempt to sign in, if you’ve specified an email for the user when they were created. After receiving the verification email, the user must set a password to sign in.

If you don’t enable this setting, you must generate a one-time password and share it with users that you create using the CreateUser API or create-user CLI command.

To send an email address verification email to users created with the CreateUser API or create-user CLI command

  1. Open the IAM Identity Center console.

  2. Choose Settings.

  3. On the Settings page, choose the Authentication tab.

  4. In the Standard authentication section, choose Configure.

  5. In the Configure standard authentication dialog box, select the Send email OTP check box. Then, choose Save. The status updates from Disabled to Enabled.