Amazon Cognito:强制执行密码过期策略 [英] Amazon Cognito: Enforcing password expiration policy

问题描述

有没有办法对 Amazon Cognito 用户池中的用户强制执行密码过期策略?

Is there a way to enforce password expiration policy on users in Amazon Cognito user pools?

推荐答案

它看起来不像 密码策略.您可以通过添加 passwordUpdatedAt 字段并在用户注册和 changePassword 上手动更新该属性来跟踪密码过期情况.然后你可以安排一些查询密码过期的用户并调用 AdminResetUserPassword 用于这些用户.如果 AWS 发布了诸如 changePassword 之类的 Cognito Userpoool User 事件或将其烘焙到服务中，那会更可靠一些.

It doesn't look like expiration is built into the password policy. You could track password expiration by adding a passwordUpdatedAt field and manually updating that attribute on user sign up and on changePassword. Then you could schedule something that queries users with expired passwords and call AdminResetUserPassword for those users. It would be somewhat more reliable if AWS published Cognito Userpoool User events like changePassword or just baked it into the service.

这篇关于Amazon Cognito:强制执行密码过期策略的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！