Set up password change and recovery
Amplify Auth provides a secure way for your users to change their password or recover a forgotten password. This securely reduces friction for your users and improves their experience accessing your application.
Before you begin, you will need:
- An Amplify project with the Auth category configured
- The Amplify libraries installed and configured
Reset Password
To reset a user's password, use the resetPassword
API which will send a reset code to the destination (e.g. email or SMS) based on the user's settings.
import { resetPassword, type ResetPasswordOutput } from 'aws-amplify/auth';
async function handleResetPassword(username: string) { try { const output = await resetPassword({ username }); handleResetPasswordNextSteps(output); } catch (error) { console.log(error); }}
function handleResetPasswordNextSteps(output: ResetPasswordOutput) { const { nextStep } = output; switch (nextStep.resetPasswordStep) { case 'CONFIRM_RESET_PASSWORD_WITH_CODE': const codeDeliveryDetails = nextStep.codeDeliveryDetails; console.log( `Confirmation code was sent to ${codeDeliveryDetails.deliveryMedium}` ); // Collect the confirmation code from the user and pass to confirmResetPassword. break; case 'DONE': console.log('Successfully reset password.'); break; }}
import { resetPassword } from 'aws-amplify/auth';
async function handleResetPassword(username) { try { const output = await resetPassword({ username }); handleResetPasswordNextSteps(output); } catch (error) { console.log(error); }}
function handleResetPasswordNextSteps(output) { const { nextStep } = output; switch (nextStep.resetPasswordStep) { case 'CONFIRM_RESET_PASSWORD_WITH_CODE': const codeDeliveryDetails = nextStep.codeDeliveryDetails; console.log( `Confirmation code was sent to ${codeDeliveryDetails.deliveryMedium}` ); // Collect the confirmation code from the user and pass to confirmResetPassword. break; case 'DONE': console.log('Successfully reset password.'); break; }}
To complete the password reset process, invoke the confirmResetPassword
API with the code your user received and the new password they want to set.
import { confirmResetPassword, type ConfirmResetPasswordInput} from 'aws-amplify/auth';
async function handleConfirmResetPassword({ username, confirmationCode, newPassword}: ConfirmResetPasswordInput) { try { await confirmResetPassword({ username, confirmationCode, newPassword }); } catch (error) { console.log(error); }}
import { confirmResetPassword } from 'aws-amplify/auth';
async function handleConfirmResetPassword({ username, confirmationCode, newPassword}) { try { await confirmResetPassword({ username, confirmationCode, newPassword }); } catch (error) { console.log(error); }}
Update password
You can update a signed in user's password using the updatePassword
API.
import { updatePassword, type UpdatePasswordInput } from 'aws-amplify/auth';
async function handleUpdatePassword({ oldPassword, newPassword}: UpdatePasswordInput) { try { await updatePassword({ oldPassword, newPassword }); } catch (err) { console.log(err); }}
import { updatePassword } from 'aws-amplify/auth';
async function handleUpdatePassword(oldPassword, newPassword) { try { await updatePassword({ oldPassword, newPassword }); } catch (err) { console.log(err); }}
Conclusion
Congratulations! You finished the Set up user password change and recovery guide. In this guide, you learned how to enable password changes by your users and help them recover their account and replace their password using a registered email or phone number.
Next steps
Now that you enabled password management you may also want to add some additional features. We recommend you learn more about: