Skip to content
Ion
Docs Console Examples

CognitoUserPool

Reference doc for the `sst.aws.CognitoUserPool` component.

The CognitoUserPool component lets you add a Amazon Cognito user pool to your app.

Create the user pool

const userPool = new sst.aws.CognitoUserPool("MyUserPool");

Login using email

new sst.aws.CognitoUserPool("MyUserPool", {
  usernames: ["email"]
});

Configure triggers

new sst.aws.CognitoUserPool("MyUserPool", {
  triggers: {
    preAuthentication: "src/preAuthentication.handler",
    postAuthentication: "src/postAuthentication.handler",
  },
});

Add a client

userPool.addClient("Web");

Constructor

new CognitoUserPool(name, args?, opts?)

Parameters

CognitoUserPoolArgs

aliases?

Type Input<Input<email | phone | preferred_username>[]>

Default User can only sign in with their username.

Configure the different ways a user can sign in besides using their username.

{
  aliases: ["email"]
}

transform?

Type Object

Transform how this component creates its underlying resources.

transform.userPool?

Type UserPoolArgs | (args: UserPoolArgs => void)

Transform the Cognito user pool resource.

triggers?

Type Input<Object>

Default No triggers

Configure triggers for this User Pool

{
  triggers: {
    preAuthentication: "src/preAuthentication.handler",
    postAuthentication: "src/postAuthentication.handler",
  },
}

triggers.createAuthChallenge?

Type string | FunctionArgs

ARN of the lambda function to present a custom challenge and its answer.

triggers.customEmailSender?

Type string | FunctionArgs

ARN of the custom email sender function.

triggers.customMessage?

Type string | FunctionArgs

ARN of the lambda function to add customization and localization of verification, recovery, and MFA messages.

triggers.customSmsSender?

Type string | FunctionArgs

ARN of the custom SMS sender function.

triggers.defineAuthChallenge?

Type string | FunctionArgs

ARN of the lambda function to name a custom challenge.

triggers.postAuthentication?

Type string | FunctionArgs

ARN of the lambda function to add custom logging and analytics for authenticated sessions.

triggers.postConfirmation?

Type string | FunctionArgs

ARN of the lambda function to customize welcome messages and log events for custom analytics.

triggers.preAuthentication?

Type string | FunctionArgs

ARN of the lambda function to modify or deny sign-in with custom logic.

triggers.preSignUp?

Type string | FunctionArgs

ARN of the lambda function to validate users when they sign up and customize their attributes.

triggers.preTokenGenerationConfig?

Type string | FunctionArgs

ARN of the lambda function to modify claims in ID and access tokens.

triggers.userMigration?

Type string | FunctionArgs

ARN of the lambda function to migrate a user from another directory when they sign in to your user pool.

triggers.verifyAuthChallengeResponse?

Type string | FunctionArgs

ARN of the lambda function to compare user answer to expected answer for a custom challenge.

usernames?

Type Input<Input<email | phone>[]>

Default User can only sign in with their username.

Allow users to be able to sign up and sign in with an email addresses or phone number as their username.

{
  usernames: ["email"]
}

Properties

id

Type Output<string>

The Cognito user pool ID.

nodes

Type Object

The underlying resources this component creates.

nodes.userPool

Type UserPool

The Amazon Cognito user pool.

SDK

The following are accessible through the SDK at runtime.

id

Type string

The Cognito user pool ID.

Methods

addClient

addClient(name, args?)

Parameters

Returns CognitoUserPoolClient

Add a client to the user pool.

userPool.addClient("Web");

CognitoUserPoolClientArgs

transform?

Type Object

Transform how this component creates its underlying resources.

transform.client?

Type UserPoolClientArgs | (args: UserPoolClientArgs => void)

Transform the Cognito user pool client resource.