/ - Amazon Cognito Identity Provider

Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as "verified" if successful. The request takes an access token or a session string, but not both.

curl --location --request POST '/' \ --header 'X-Amz-Target;' \ --header 'Content-Type: application/json' \ --data-raw '{ "AccessToken": "string", "Session": "string", "UserCode": "string", "FriendlyDeviceName": "string" }'

Request

Header Params

X-Amz-Target

string

required

Body Params application/json

AccessToken

string <password>

optional

A valid access token that Amazon Cognito issued to the user whose software token you want to verify.

Match pattern:

[A-Za-z0-9-_=.]+

Session

string

optional

The session that should be passed both ways in challenge-response calls to the service.

>= 20 characters<= 2048 characters

UserCode

string

required

The one- time password computed using the secret code returned by AssociateSoftwareToken.

>= 6 characters<= 6 characters

Match pattern:

[0-9]+

FriendlyDeviceName

string

optional

The friendly device name.

Examples

Responses

🟢200Success

application/json

Body

Status

enum<string>

optional

The status of the verify software token.

Allowed values:

SUCCESSERROR

Session

string

optional

The session that should be passed both ways in challenge-response calls to the service.

>= 20 characters<= 2048 characters

🟠480InvalidParameterException

🟠481ResourceNotFoundException

🟠482InvalidUserPoolConfigurationException

🟠483NotAuthorizedException

🟠484TooManyRequestsException

🟠485PasswordResetRequiredException

🟠486UserNotFoundException

🟠487UserNotConfirmedException

🟠488InternalErrorException

🟠489EnableSoftwareTokenMFAException

🟠490NotAuthorizedException

🟠491SoftwareTokenMFANotFoundException

🟠492CodeMismatchException

🟠493ForbiddenException