Manage MFA settings
The Auth category supports Multi-factor Authentication (MFA) for user sign-in flows. MFA is an extra layer of security used to make sure that users trying to gain access to an account are who they say they are. It requires users to provide additional information to verify their identity. The category supports the following MFA methods:
Set Up Backend Resources
Below are the steps you can use to set up MFA using SMS or TOTP with the Amplify CLI. The Amplify libraries are designed to work with MFA even if you have set up your Amazon Cognito resources separately.
Run amplify add auth
to create a new Cognito Auth resource, and follow the prompts below depending on how you want to integrate MFA into your flow.
Turning MFA "ON" will make it required for all users, while "Optional" will make it available to enable on a per-user basis.
SMS MFA
$ amplify add auth ? Do you want to use the default authentication and security configuration?# Manual configuration
... Answer as appropriate
? Multifactor authentication (MFA) user login options:# ON (Required for all logins, can not be enabled later)? For user login, select the MFA types:# SMS Text Message? Please specify an SMS authentication message:# Your authentication code is {####}
... Answer as appropriate
Some next steps:"amplify push" will build all your local backend resources and provision it in the cloud"amplify publish" will build all your local backend and frontend resources (if you have hosting category added) and provision it in the cloud
TOTP MFA
$ amplify add auth ? Do you want to use the default authentication and security configuration?# Manual configuration
... Answer as appropriate
? Multifactor authentication (MFA) user login options:# ON (Required for all logins, can not be enabled later)? For user login, select the MFA types:# Time-Based One-Time Password (TOTP)
... Answer as appropriate
Some next steps:"amplify push" will build all your local backend resources and provision it in the cloud"amplify publish" will build all your local backend and frontend resources (if you have hosting category added) and provision it in the cloud
Run amplify update auth
and follow the prompts as guided below.
The following steps show how to enable MFA as "Optional" for users. In this mode, MFA must be enabled on a user-by-user basis, either through an Admin SDK (e.g. via a Lambda trigger as part of the sign-up process), or manually in the Cognito console.
If you'd like to make MFA required for users, you must first delete your auth resource by running amplify remove auth
, then follow the New Project flow on this page.
SMS MFA
$ amplify update auth
? What do you want to do?# Walkthrough all the auth configurations
... Answer as appropriate
? Multifactor authentication (MFA) user login options:# OPTIONAL (Individual users can use MFA)? For user login, select the MFA types:# SMS Text Message? Please specify an SMS authentication message:# Your authentication code is {####}
... Answer as appropriate
Some next steps:"amplify push" will build all your local backend resources and provision it in the cloud"amplify publish" will build all your local backend and frontend resources (if you have hosting category added) and provision it in the cloud
TOTP MFA
$ amplify update auth
? What do you want to do?# Walkthrough all the auth configurations
... Answer as appropriate
? Multifactor authentication (MFA) user login options:# OPTIONAL (Individual users can use MFA)? For user login, select the MFA types:# Time-Based One-Time Password (TOTP)
... Answer as appropriate
Some next steps:"amplify push" will build all your local backend resources and provision it in the cloud"amplify publish" will build all your local backend and frontend resources (if you have hosting category added) and provision it in the cloud
Multi-factor authentication with SMS
Enabling SMS for MFA during Sign Up
You will need to pass phone_number
as a user attribute to enable SMS MFA for your users during sign up. However, if the primary login mechanism for your Cognito resource is phone_number
(without enabling username
), then you do not need to pass it as an attribute.
AuthSignUpOptions options = AuthSignUpOptions.builder() .userAttribute(AuthUserAttributeKey.email(), "my@email.com") .userAttribute(AuthUserAttributeKey.phoneNumber(), "+18885551234") .build();Amplify.Auth.signUp("username", "Password123", options, result -> Log.i("AuthQuickStart", "Result: " + result.toString()), error -> Log.e("AuthQuickStart", "Sign up failed", error));
val options = AuthSignUpOptions.builder() .userAttribute(AuthUserAttributeKey.email(), "my@email.com") .userAttribute(AuthUserAttributeKey.phoneNumber(), "+18885551234") .build()Amplify.Auth.signUp("username", "Password123", options, { Log.i("AuthQuickStart", "Sign up succeeded: $it") }, { Log.e ("AuthQuickStart", "Sign up failed", it) })
val options = AuthSignUpOptions.builder() .userAttribute(AuthUserAttributeKey.email(), "my@email.com") .userAttribute(AuthUserAttributeKey.phoneNumber(), "+18885551234") .build()try { val result = Amplify.Auth.signUp("username", "Password123", options) Log.i("AuthQuickStart", "Result: $result")} catch (error: AuthException) { Log.e("AuthQuickStart", "Sign up failed", error)}
RxAmplify.Auth.signUp( "username", "Password123", AuthSignUpOptions.builder() .userAttribute(AuthUserAttributeKey.email(), "my@email.com") .userAttribute(AuthUserAttributeKey.phoneNumber(), "+18885551234") .build()) .subscribe( result -> Log.i("AuthQuickStart", "Result: " + result.toString()), error -> Log.e("AuthQuickStart", "Sign up failed", error) );
By default, you have to verify a user account after they sign up using the confirmSignUp
API, which will send a one-time password to the user's phone number or email, depending on your Amazon Cognito configuration.
Amplify.Auth.confirmSignUp( "username", "the code you received", result -> Log.i("AuthQuickstart", result.isSignUpComplete() ? "Confirm signUp succeeded" : "Confirm sign up not complete"), error -> Log.e("AuthQuickstart", error.toString()));
Amplify.Auth.confirmSignUp( "username", "the code you received", { result -> if (result.isSignUpComplete) { Log.i("AuthQuickstart", "Confirm signUp succeeded") } else { Log.i("AuthQuickstart","Confirm sign up not complete") } }, { Log.e("AuthQuickstart", "Failed to confirm sign up", it) })
try { val code = "code you received" val result = Amplify.Auth.confirmSignUp("username", code) if (result.isSignUpComplete) { Log.i("AuthQuickstart", "Signup confirmed") } else { Log.i("AuthQuickstart", "Signup confirmation not yet complete") }} catch (error: AuthException) { Log.e("AuthQuickstart", "Failed to confirm signup", error)}
RxAmplify.Auth.confirmSignUp("username", "the code you received") .subscribe( result -> Log.i("AuthQuickstart", result.isSignUpComplete() ? "Confirm signUp succeeded" : "Confirm sign up not complete"), error -> Log.e("AuthQuickstart", error.toString()) );
You will know the sign up flow is complete if you see the following in your console window:
Confirm signUp succeeded
Handling SMS MFA challenge during Sign In
After a user signs in, if they have MFA enabled for their account, a challenge will be returned that you would need to call the confirmSignIn
API where the user provides their confirmation code sent to their phone number.
Amplify.Auth.signIn( "username", "password", result -> { if (result.getNextStep().getSignInStep() == AuthSignInStep.CONFIRM_SIGN_IN_WITH_SMS_MFA_CODE && result.getNextStep().getCodeDeliveryDetails() != null) { String destination = result.getNextStep().getCodeDeliveryDetails().getDestination(); Log.d("SignIn", "SMS code sent to "+ destination); Log.d("SignIn", "Additional Info" + result.getNextStep().getAdditionalInfo());
// Prompt the user to enter the SMSMFA code they received // Then invoke `confirmSignIn` api with the code } }, error -> Log.e("AuthQuickstart", error.toString()));
Amplify.Auth.signIn("username", "password", { result -> if (result.nextStep.signInStep == AuthSignInStep.CONFIRM_SIGN_IN_WITH_SMS_MFA_CODE) { val destination = result.nextStep.codeDeliveryDetails?.destination Log.d("SignIn", "SMS code sent to $destination") Log.d("SignIn", "Additional Info $result.nextStep.additionalInfo")
// Prompt the user to enter the SMSMFA code they received // Then invoke `confirmSignIn` api with the code } }, { Log.e("AuthQuickstart", "Failed to sign in", it) })
try { val result = Amplify.Auth.signIn("username", "password") if (result.nextStep.signInStep == AuthSignInStep.CONTINUE_SIGN_IN_WITH_TOTP_SETUP) { val destination = result.nextStep.codeDeliveryDetails?.destination Log.d("SignIn", "SMS code sent to $destination") Log.d("SignIn", "Additional Info $result.nextStep.additionalInfo")
// Prompt the user to enter the SMSMFA code they received // Then invoke `confirmSignIn` api with the code }} catch (error: AuthException) { Log.e("AuthQuickstart", "Sign in failed", error)}
RxAmplify.Auth.signIn("username", "password") .subscribe( result -> { if (result.getNextStep().getSignInStep() == AuthSignInStep.CONTINUE_SIGN_IN_WITH_TOTP_SETUP && result.getNextStep().getCodeDeliveryDetails() != null) { String destination = result.getNextStep().getCodeDeliveryDetails().getDestination(); Log.d("SignIn", "SMS code sent to " + destination); Log.d("SignIn", "Additional Info " + result.getNextStep().getAdditionalInfo());
// Prompt the user to enter the SMSMFA code they received // Then invoke `confirmSignIn` api with the code } }, error -> Log.e("AuthQuickstart", error.toString()) );
If MFA is ON or enabled for the user, you must call confirmSignIn
with the OTP sent to their phone.
Amplify.Auth.confirmSignIn( "Confirmation code received via SMS", result -> Log.i("AuthQuickstart", result.toString()), error -> Log.e("AuthQuickstart", error.toString()));
Amplify.Auth.confirmSignIn("Confirmation code received via SMS", { Log.i("AuthQuickstart", "Confirmed signin: $it") }, { Log.e("AuthQuickstart", "Failed to confirm signin", it) })
try { val result = Amplify.Auth.confirmSignIn("Confirmation code received via SMS") Log.i("AuthQuickstart", "Confirmed signin: $result")} catch (error: AuthException) { Log.e("AuthQuickstart", "Failed to confirm signin", error)}
RxAmplify.Auth.confirmSignIn("Confirmation code received via SMS") .subscribe( result -> Log.i("AuthQuickstart", result.toString()), error -> Log.e("AuthQuickstart", error.toString()) );
After a user has been signed in, call updateMFAPreference
to record the MFA type as enabled for the user and optionally set it as preferred so that subsequent logins default to using this MFA type.
if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") instanceof AWSCognitoAuthPlugin) { AWSCognitoAuthPlugin plugin = (AWSCognitoAuthPlugin) Amplify.Auth.getPlugin("awsCognitoAuthPlugin"); plugin.updateMFAPreference( MFAPreference.ENABLED, null, () -> Log.i("AuthQuickstart", "MFA preference updated successfully"), e -> Log.e("AuthQuickstart", "Failed to update MFA preference.", e) ); }
if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin) { val plugin = Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin plugin.updateMFAPreference( MFAPreference.ENABLED, null, { Log.i( "AuthQuickstart", "MFA preference updated successfully") }, { e: AuthException? -> Log.e( "AuthQuickstart", "Failed to update MFA preference", e) } )}
Multi-factor authentication with TOTP
You can use Time-based One-Time Password (TOTP) for multi-factor authentication (MFA) in your web or mobile applications. The Amplify Auth category includes support for TOTP setup and verification using authenticator apps, offering an integrated solution and enhanced security for your users. These apps, such as Google Authenticator, Microsoft Authenticator, have the TOTP algorithm built-in and work by using a shared secret key and the current time to generate short-lived, six digit passwords.
Setting up TOTP for a user
After you initiate a user sign in with the signIn
API where a user is required to set up TOTP as an MFA method, the API call will return CONTINUE_SIGN_IN_WITH_TOTP_SETUP
as a challenge and next step to handle in your app. You will get that challenge if the following conditions are met:
- MFA is marked as Required in Cognito User Pool.
- TOTP is enabled in the Cognito User Pool
- User does not have TOTP MFA set up already.
The CONTINUE_SIGN_IN_WITH_TOTP_SETUP
step signifies that the user must set up TOTP before they can sign in. The step returns an associated value of type TOTPSetupDetails
which must be used to configure an authenticator app like Microsoft Authenticator or Google Authenticator. TOTPSetupDetails
provides a helper method called getSetupURI
which generates a URI that can be used, for example, in a button to open the user's installed authenticator app. For more advanced use cases, TOTPSetupDetails
also contains a sharedSecret
which can be used to either generate a QR code or be manually entered into an authenticator app.
Once the authenticator app is set up, the user can generate a TOTP code and provide it to the library to complete the sign in process.
Amplify.Auth.signIn( "username", "password", result -> { if (result.getNextStep().getSignInStep() == AuthSignInStep.CONTINUE_SIGN_IN_WITH_TOTP_SETUP && result.getNextStep().getTotpSetupDetails() != null) { Log.d("SignIn", "Received next step as continue sign in by setting up TOTP"); Log.d("SignIn", "Shared Secret is" + result.getNextStep().getTotpSetupDetails().getSharedSecret()); // appName parameter will help distinguish the account in the Authenticator app Uri setupURI = result.getNextStep().getTotpSetupDetails().getSetupURI("<Your_App_Name>");
Log.d("SignIn", "TOTP Setup URI: " + setupURI);
// Prompt the user to enter the TOTP code generated in their authenticator app // Then invoke `confirmSignIn` api with the code } }, error -> Log.e("SignIn", error.toString()));
Amplify.Auth.signIn( "username", "password", { result -> if (result.nextStep.signInStep == AuthSignInStep.CONTINUE_SIGN_IN_WITH_TOTP_SETUP) { Log.d("SignIn", "Received next step as continue sign in by setting up TOTP") Log.d("SignIn", "Shared Secret is" + result.nextStep.totpSetupDetails?.sharedSecret) // appName parameter will help distinguish the account in the Authenticator app val setupURI = result.nextStep.totpSetupDetails?.getSetupURI("<Your_App_Name>>")
Log.d("SignIn", "TOTP Setup URI: $setupURI")
// Prompt the user to enter the TOTP code generated in their authenticator app // Then invoke `confirmSignIn` api with the code } }, { Log.e("AuthQuickstart", "Failed to sign in", it) })
try { val result = Amplify.Auth.signIn("username", "password") if (result.nextStep.signInStep == AuthSignInStep.CONTINUE_SIGN_IN_WITH_TOTP_SETUP) { Log.d("SignIn", "Received next step as continue sign in by setting up TOTP") Log.d("SignIn", "Shared Secret is" + result.nextStep.totpSetupDetails?.sharedSecret) // appName parameter will help distinguish the account in the Authenticator app val setupURI = result.nextStep.totpSetupDetails?.getSetupURI("<Your_App_Name>>")
Log.d("SignIn", "TOTP Setup URI: $setupURI");
// Prompt the user to enter the TOTP code generated in their authenticator app // Then invoke `confirmSignIn` api with the code }} catch (error: AuthException) { Log.e("AuthQuickstart", "Sign in failed", error)}
RxAmplify.Auth.signIn("username", "password") .subscribe( result -> { if (result.getNextStep().getSignInStep() == AuthSignInStep.CONTINUE_SIGN_IN_WITH_TOTP_SETUP && result.getNextStep().getTotpSetupDetails() != null ) { Log.d("SignIn", "Received next step as continue sign in by setting up TOTP"); Log.d("SignIn", "Shared Secret is" + result.getNextStep().getTotpSetupDetails().getSharedSecret()); // appName parameter will help distinguish the account in the Authenticator app Uri setupURI = result.getNextStep().getTotpSetupDetails().getSetupURI("<Your_App_Name>");
Log.d("SignIn", "TOTP Setup URI: " + setupURI);
// Prompt the user to enter the TOTP code generated in their authenticator app // Then invoke `confirmSignIn` api with the code } }, error -> Log.e("AuthQuickstart", error.toString()) );
The TOTP code can be obtained from the user via a text field or any other means. Once the user provides the TOTP code, call confirmSignIn
with the TOTP code as the challengeResponse
parameter.
Amplify.Auth.confirmSignIn( "OTP code from Authenticator App", result -> Log.i("AuthQuickstart", result.toString()), error -> Log.e("AuthQuickstart", error.toString()));
Amplify.Auth.confirmSignIn("OTP code from Authenticator App", { Log.i("AuthQuickstart", "Confirmed signin: $it") }, { Log.e("AuthQuickstart", "Failed to confirm signin", it) })
try { val result = Amplify.Auth.confirmSignIn("OTP code from Authenticator App") Log.i("AuthQuickstart", "Confirmed signin: $result")} catch (error: AuthException) { Log.e("AuthQuickstart", "Failed to confirm signin", error)}
RxAmplify.Auth.confirmSignIn("OTP code from Authenticator App") .subscribe( result -> Log.i("AuthQuickstart", result.toString()), error -> Log.e("AuthQuickstart", error.toString()) );
Enabling TOTP after a user is signed in
TOTP MFA can be set up after a user has signed in. This can be done when the following conditions are met:
- MFA is marked as Optional or Required in the Cognito User Pool
- TOTP is marked as an enabled MFA method in Cognito user pool
TOTP can be set up by calling the setUpTOTP
and verifyTOTPSetup
APIs in the Auth
category.
Invoke the setUpTOTP
API to generate a TOTPSetupDetails
object which should be used to configure an Authenticator app like Microsoft Authenticator or Google Authenticator. TOTPSetupDetails
provides a helper method called getSetupURI
which generates a URI that can be used, for example, in a button to open the user's installed Authenticator app. For more advanced use cases, TOTPSetupDetails
also contains a sharedSecret
which can be used to either generate a QR code or be manually entered into an Authenticator app.
that contains the sharedSecret
which will be used to either to generate a QR code or can be manually entered into an Authenticator app.
Amplify.Auth.setUpTOTP( result -> { Log.d("AuthQuickstart","Shared secret that will be used to set up TOTP in the authenticator app" + result.getSharedSecret()); // appName parameter will help distinguish the account in the Authenticator app Uri setupURI = result.getSetupURI("<Your_App_Name>>"); // Prompt the user to enter the TOTP code generated in their authenticator app // Then invoke `verifyTOTP` api with the code }, error -> Log.e("AuthQuickstart", error.toString()));
Amplify.Auth.setUpTOTP( { result -> Log.d("AuthQuickstart","Shared secret that will be used to set up TOTP in the authenticator app ${result.sharedSecret}") // appName parameter will help distinguish the account in the Authenticator app val setupURI = result.getSetupURI("<Your_App_Name>>") // Prompt the user to enter the TOTP code generated in their authenticator app // Then invoke `verifyTOTP` api with the code }, { Log.e("AuthQuickstart", "Failed to confirm signin", it) })
try { val result = Amplify.Auth.setUpTOTP() Log.d("AuthQuickstart","Shared secret that will be used to set up TOTP in the authenticator app ${result.sharedSecret}") // appName parameter will help distinguish the account in the Authenticator app val setupURI = result.getSetupURI("<Your_App_Name>>") // Prompt the user to enter the TOTP code generated in their authenticator app // Then invoke `verifyTOTP` api with the code} catch (error: AuthException) { Log.e("AuthQuickstart", "Failed to confirm signin", error)}
RxAmplify.Auth.setUpTOTP() .subscribe( result -> { Log.d("AuthQuickstart","Shared secret that will be used to set up TOTP in the authenticator app" + result.getSharedSecret()); // appName parameter will help distinguish the account in the Authenticator app Uri setupURI = result.getSetupURI("<Your_App_Name>"); // Prompt the user to enter the TOTP code generated in their authenticator app // Then invoke `verifyTOTP` api with the code }, error -> Log.e("AuthQuickstart", error.toString()) );
Once the Authenticator app is set up, the user must generate a TOTP code and provide it to the library. Pass the code to verifyTOTPSetup
to complete the TOTP setup process.
Amplify.Auth.verifyTOTPSetup( totpCodeFromAuthenticatorApp, () ->Log.d("AuthQuickstart","TOTP Verification Succeeded"), error -> Log.e("AuthQuickstart", error.toString()));
Amplify.Auth.verifyTOTPSetup( totpCodeFromAuthenticatorApp, { Log.d("AuthQuickstart", "TOTP Verification Succeeded") }, { Log.e("AuthQuickstart", "Failed to verifyTOTPSetup", it) })
try { Amplify.Auth.verifyTOTPSetup(totpCodeFromAuthenticatorApp) Log.d("AuthQuickstart", "TOTP Verification Succeeded")} catch (error: AuthException) { Log.e("AuthQuickstart", "Failed to verify", error)}
RxAmplify.Auth.verifyTOTPSetup(totpCodeFromAuthenticatorApp) .subscribe( result -> Log.d("AuthQuickstart","TOTP Verification Succeeded"), error -> Log.e("AuthQuickstart", error.toString()) );
if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") instanceof AWSCognitoAuthPlugin) { AWSCognitoAuthPlugin plugin = (AWSCognitoAuthPlugin) Amplify.Auth.getPlugin("awsCognitoAuthPlugin"); plugin.updateMFAPreference( null, MFAPreference.ENABLED, () -> Log.i("AuthQuickstart", "MFA preference updated successfully"), e -> Log.e("AuthQuickstart", "Failed to update MFA preference.", e) ); }
if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin) { val plugin = Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugin plugin.updateMFAPreference( null, MFAPreference.ENABLED, { Log.i("AuthQuickstart", "MFA preference updated successfully" ) }, { e: AuthException? -> Log.e("AuthQuickstart", "Failed to update MFA preference", e) } )}
Recovering from a lost TOTP device
In a scenario where MFA is marked as Required in Cognito User Pool and another MFA method is not set up, the administrator would need to first initiate an AdminUpdateUserAttributes call and update the user’s phone number attribute. Once this is complete, the administrator can continue changing the MFA preference to SMS as suggested above.
Setting a user's preferred MFA option
Fetch the current user's MFA preferences
Invoke the following API to get the current MFA preference and enabled MFA types, if any, for the current user.
if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") instanceof AWSCognitoAuthPlugin) { AWSCognitoAuthPlugin plugin = (AWSCognitoAuthPlugin) Amplify.Auth.getPlugin("awsCognitoAuthPlugin"); plugin.fetchMFAPreference( preference -> Log.i( "AuthQuickStart", "Fetched MFA preference, enabled: " + preference.getEnabled() + ", preferred: " + preference.getPreferred() ), e -> Log.e("AuthQuickStart", "Failed to fetch MFA preference.", e) );}
val cognitoAuthPlugin = Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugincognitoAuthPlugin?.fetchMFAPreference( { Log.d("AuthQuickStart", "Fetched MFA preference, enabled: ${it.enabled}, preferred: ${it.preferred}") }, { Log.e("AuthQuickStart", "Failed to fetch MFA preference.", it) })
Update the current user's MFA preferences
Invoke the following API to update the MFA preference for the current user.
if (Amplify.Auth.getPlugin("awsCognitoAuthPlugin") instanceof AWSCognitoAuthPlugin) { AWSCognitoAuthPlugin plugin = (AWSCognitoAuthPlugin) Amplify.Auth.getPlugin("awsCognitoAuthPlugin"); plugin.updateMFAPreference( MFAPreference.DISABLED, // SMS Preference MFAPreference.PREFERRED, // TOTP Preference () -> Log.i( "AuthQuickStart", "Preference updated successfully"), e -> Log.e("AuthQuickStart", "Failed to update MFA preference.", e) );}
val cognitoAuthPlugin = Amplify.Auth.getPlugin("awsCognitoAuthPlugin") as? AWSCognitoAuthPlugincognitoAuthPlugin?.updateMFAPreference( MFAPreference.DISABLED, // SMS Preference MFAPreference.PREFERRED, // TOTP Preference { Log.d("AuthQuickStart", "Preference updated successfully") }, { Log.e("AuthQuickStart", "Failed to update MFA preference.", it) })
If multiple MFA methods are enabled for the user, the signIn
API will return CONTINUE_SIGN_IN_WITH_MFA_SELECTION
as the next step in the auth flow. During this scenario, the user should be prompted to select the MFA method they want to use to sign in and their preference should be passed to confirmSignIn
.
Amplify.Auth.confirmSignIn( MFATypeUtil.getChallengeResponse(MFAType.TOTP), result -> { if (result.getNextStep().getSignInStep() == AuthSignInStep.CONFIRM_SIGN_IN_WITH_TOTP_CODE) { Log.i("AuthQuickStart", "Received next step as confirm sign in with TOTP"); } // ... }, error -> Log.e("AuthQuickstart", "Confirm sign in failed: " + error));
Amplify.Auth.confirmSignIn( MFAType.TOTP.challengeResponse, { result -> if (result.nextStep.signInStep == AuthSignInStep.CONFIRM_SIGN_IN_WITH_TOTP_CODE) { Log.i("AuthQuickStart", "Received next step as confirm sign in with TOTP"); } // ... }, { error -> Log.e("AuthQuickstart", "Confirm sign in failed: $error") })
try { val result = Amplify.Auth.confirmSignIn(MFAType.TOTP.challengeResponse) if (result.nextStep.signInStep == AuthSignInStep.CONFIRM_SIGN_IN_WITH_TOTP_CODE) { Log.i("AuthQuickStart", "Received next step as confirm sign in with TOTP"); } // ...} catch(error: Exception) { Log.e("AuthQuickstart", "Confirm sign in failed: $error")}
RxAmplify.Auth.confirmSignIn( MFATypeUtil.getChallengeResponse(MFAType.TOTP)).subscribe( result -> { if (result.getNextStep().getSignInStep() == AuthSignInStep.CONFIRM_SIGN_IN_WITH_TOTP_CODE) { Log.i("AuthQuickStart", "Received next step as confirm sign in with TOTP"); } // ... }, error -> Log.e("AuthQuickstart", "Confirm sign in failed: " + error));