Amplify has re-imagined the way frontend developers build fullstack applications. Develop and deploy without the hassle.

Working with the API

You are currently viewing the AWS SDK for Mobile documentation which is a collection of low-level libraries. Use the Amplify libraries for all new app development. Learn more

SignUp

Creates a new user in your User Pool:

final String username = getInput(R.id.signUpUsername);
final String password = getInput(R.id.signUpPassword);
final Map<String, String> attributes = new HashMap<>();
attributes.put("email", "name@email.com");
AWSMobileClient.getInstance().signUp(username, password, attributes, null, new Callback<SignUpResult>() {
@Override
public void onResult(final SignUpResult signUpResult) {
runOnUiThread(new Runnable() {
@Override
public void run() {
Log.d(TAG, "Sign-up callback state: " + signUpResult.getConfirmationState());
if (!signUpResult.getConfirmationState()) {
final UserCodeDeliveryDetails details = signUpResult.getUserCodeDeliveryDetails();
makeToast("Confirm sign-up with: " + details.getDestination());
} else {
makeToast("Sign-up done.");
}
}
});
}
@Override
public void onError(Exception e) {
Log.e(TAG, "Sign-up error", e);
}
});

Confirm SignUp

Confirms a new user after signing up in a User Pool:

final String username = getInput(R.id.confirmSignUpUsername);
final String code = getInput(R.id.confirmSignUpCode);
AWSMobileClient.getInstance().confirmSignUp(username, code, new Callback<SignUpResult>() {
@Override
public void onResult(final SignUpResult signUpResult) {
runOnUiThread(new Runnable() {
@Override
public void run() {
Log.d(TAG, "Sign-up callback state: " + signUpResult.getConfirmationState());
if (!signUpResult.getConfirmationState()) {
final UserCodeDeliveryDetails details = signUpResult.getUserCodeDeliveryDetails();
makeToast("Confirm sign-up with: " + details.getDestination());
} else {
makeToast("Sign-up done.");
}
}
});
}
@Override
public void onError(Exception e) {
Log.e(TAG, "Confirm sign-up error", e);
}
});

Re-send Confirmation Code

AWSMobileClient.getInstance().resendSignUp("your_username", new Callback<SignUpResult>() {
@Override
public void onResult(SignUpResult signUpResult) {
Log.i(TAG, "A verification code has been sent via" +
signUpResult.getUserCodeDeliveryDetails().getDeliveryMedium()
+ " at " +
signUpResult.getUserCodeDeliveryDetails().getDestination());
}
@Override
public void onError(Exception e) {
Log.e(TAG, e);
}
});

SignIn

Sign in with user credentials:

AWSMobileClient.getInstance().signIn(username, password, null, new Callback<SignInResult>() {
@Override
public void onResult(final SignInResult signInResult) {
runOnUiThread(new Runnable() {
@Override
public void run() {
Log.d(TAG, "Sign-in callback state: " + signInResult.getSignInState());
switch (signInResult.getSignInState()) {
case DONE:
makeToast("Sign-in done.");
break;
case SMS_MFA:
makeToast("Please confirm sign-in with SMS.");
break;
case NEW_PASSWORD_REQUIRED:
makeToast("Please confirm sign-in with new password.");
break;
default:
makeToast("Unsupported sign-in confirmation: " + signInResult.getSignInState());
break;
}
}
});
}
@Override
public void onError(Exception e) {
Log.e(TAG, "Sign-in error", e);
}
});

Confirm SignIn (MFA)

In order to setup multifactor authentication, choose Manual configuration while setting up auth in the CLI. When you get to the Multifactor authentication step, choose these values:

Multifactor authentication (MFA) user login options: ON (Required for all logins, can not be enabled later)
For user login, select the MFA types: SMS Text Message
Please specify an SMS authentication message: Your authentication code is {####}
Email based user registration/forgot password: Enabled (Requires per-user email entry at registration)
Please specify an email verification subject: Your verification code
Please specify an email verification message: Your verification code is {####}
Do you want to override the default password policy for this User Pool? No
Warning: you will not be able to edit these selections.
What attributes are required for signing up? Email, Phone Number (This attribute is not supported by Facebook, Login With Amazon.)

Note in the example above that for the What attributes are required for signing up? prompt, you need to use the arrow keys to scroll down in the list and select Phone Number. Otherwise you will not be able to add a phone number to the user and thus will not be able to sign in since SMS MFA is required.

When signing up a user, be sure to pass an attributes map including both email (in the case above where email is used for password recovery) and phone_number.

After you call sign in and get the SMS_MFA response back, you can send your user's input of the SMS code they received with the following command:

AWSMobileClient.getInstance().confirmSignIn(signInChallengeResponse, new Callback<SignInResult>() {
@Override
public void onResult(SignInResult signInResult) {
Log.d(TAG, "Sign-in callback state: " + signInResult.getSignInState());
switch (signInResult.getSignInState()) {
case DONE:
makeToast("Sign-in done.");
break;
case SMS_MFA:
makeToast("Please confirm sign-in with SMS.");
break;
case NEW_PASSWORD_REQUIRED:
makeToast("Please confirm sign-in with new password.");
break;
default:
makeToast("Unsupported sign-in confirmation: " + signInResult.getSignInState());
break;
}
}
@Override
public void onError(Exception e) {
Log.e(TAG, "Sign-in error", e);
}
});

Force Change Password

If a user is required to change their password on first login, there is a NEW_PASSWORD_REQUIRED state returned when signIn is called. You need to provide a new password given by the user in that case. It can be done using confirmSignIn with the new password.

AWSMobileClient.getInstance().signIn("username", "password", null, new Callback<SignInResult>() {
@Override
public void onResult(final SignInResult signInResult) {
runOnUiThread(new Runnable() {
@Override
public void run() {
Log.d(TAG, "Sign-in callback state: " + signInResult.getSignInState());
switch (signInResult.getSignInState()) {
case DONE:
makeToast("Sign-in done.");
break;
case NEW_PASSWORD_REQUIRED:
makeToast("Please confirm sign-in with new password.");
break;
default:
makeToast("Unsupported sign-in confirmation: " + signInResult.getSignInState());
break;
}
}
});
}
@Override
public void onError(Exception e) {
Log.e(TAG, "Sign-in error", e);
}
});
AWSMobileClient.getInstance().confirmSignIn("NEW_PASSWORD_HERE", new Callback<SignInResult>() {
@Override
public void onResult(SignInResult signInResult) {
Log.d(TAG, "Sign-in callback state: " + signInResult.getSignInState());
switch (signInResult.getSignInState()) {
case DONE:
makeToast("Sign-in done.");
break;
case SMS_MFA:
makeToast("Please confirm sign-in with SMS.");
break;
default:
makeToast("Unsupported sign-in confirmation: " + signInResult.getSignInState());
break;
}
}
@Override
public void onError(Exception e) {
Log.e(TAG, "Sign-in error", e);
}
});

Forgot Password

Forgot password is a 2 step process. You need to first call forgotPassword() method which would send a confirmation code to user via email or phone number. The details of how the code was sent are included in the response of forgotPassword(). Once the code is given by the user, you need to call confirmForgotPassword() with the confirmation code to confirm the change of password.

AWSMobileClient.getInstance().forgotPassword("username", new Callback<ForgotPasswordResult>() {
@Override
public void onResult(final ForgotPasswordResult result) {
runOnUiThread(new Runnable() {
@Override
public void run() {
Log.d(TAG, "forgot password state: " + result.getState());
switch (result.getState()) {
case CONFIRMATION_CODE:
makeToast("Confirmation code is sent to reset password");
break;
default:
Log.e(TAG, "un-supported forgot password state");
break;
}
}
});
}
@Override
public void onError(Exception e) {
Log.e(TAG, "forgot password error", e);
}
});
AWSMobileClient.getInstance().confirmForgotPassword("username", "NEW_PASSWORD_HERE", "CONFIRMATION_CODE", new Callback<ForgotPasswordResult>() {
@Override
public void onResult(final ForgotPasswordResult result) {
runOnUiThread(new Runnable() {
@Override
public void run() {
Log.d(TAG, "forgot password state: " + result.getState());
switch (result.getState()) {
case DONE:
makeToast("Password changed successfully");
break;
default:
Log.e(TAG, "un-supported forgot password state");
break;
}
}
});
}
@Override
public void onError(Exception e) {
Log.e(TAG, "forgot password error", e);
}
});

SignOut

AWSMobileClient.getInstance().signOut(SignOutOptions.builder().invalidateTokens(true).build(), new Callback<Void>() {
@Override
public void onResult(Void result) {
Log.d(TAG, "onResult: ");
}
@Override
public void onError(Exception e) {
Log.e(TAG, "onError: ", e);
}
});

If you want to sign out locally by just deleting tokens, you can call signOut method:

AWSMobileClient.getInstance().signOut();

Global SignOut

Using global signout, you can signout a user from all active login sessions. By doing this, you are revoking all the OIDC tokens(id token, access token and refresh token) which means the user is signed out from all the devices. However, although the tokens are revoked, the AWS credentials will remain valid until they expire (which by default is 1 hour).

AWSMobileClient.getInstance().signOut(SignOutOptions.builder().signOutGlobally(true).build(), new Callback<Void>() {
@Override
public void onResult(final Void result) {
Log.d(TAG, "signed-out");
}
@Override
public void onError(Exception e) {
Log.e(TAG, "sign-out error", e);
}
});

Utility Properties

The AWSMobileClient provides several property "helpers" that are automatically cached locally for you to use in your application.

AWSMobileClient.getInstance().getUsername() //String
AWSMobileClient.getInstance().isSignedIn() //Boolean
AWSMobileClient.getInstance().getIdentityId() //String

Managing Security Tokens

When using Authentication with AWSMobileClient, you don’t need to refresh Amazon Cognito tokens manually. The tokens are automatically refreshed by the library when necessary.

OIDC Tokens

AWSMobileClient.getInstance().getTokens();
AWSMobileClient.getInstance().getTokens().getIdToken().getTokenString();

AWS Credentials

AWSMobileClient.getInstance().getCredentials();