AWS Security ChangesHomeSearch

AWS cognito documentation change

Service: cognito · 2025-04-03 · Documentation low

File: cognito/latest/developerguide/user-pool-lambda-pre-sign-up.md

Summary

Removed flow diagrams, updated trigger invocation details for SignUp/AdminCreateUser, simplified example titles and structure

Security assessment

Documentation restructuring and clarification of sign-up trigger operation points without security-related content additions or vulnerability fixes

Diff

diff --git a/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.md b/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.md
index 91292c0a8..e25478049 100644
--- a//cognito/latest/developerguide/user-pool-lambda-pre-sign-up.md
+++ b//cognito/latest/developerguide/user-pool-lambda-pre-sign-up.md
@@ -5 +5 @@
-Pre sign-up Lambda flowsPre sign-up Lambda trigger parametersSign-up examplesPre sign-up example: Auto-confirm users from a registered domainPre sign-up example: Auto-confirm and auto-verify all usersPre sign-up example: Deny sign-up if user name has fewer than five characters
+ParametersExample: email domain auto-confirmExample: auto-confirm and verify allExample: validate username length
@@ -11 +11 @@ You might want to customize the sign-up process in user pools that have self-ser
-Shortly before Amazon Cognito signs up a new [local](./cognito-terms.html#terms-localuser) or [federated](./cognito-terms.html#terms-federateduser) user, it activates the pre sign-up Lambda function. As part of the sign-up process, you can use this function to analyze the sign-in event with custom logic, and modify or deny the new user.
+Immediately before Amazon Cognito completes creation of a new [local](./cognito-terms.html#terms-localuser) or [federated](./cognito-terms.html#terms-federateduser) user, it activates the pre sign-up Lambda function. Your user pool invokes this trigger on self-service sign-up with [SignUp](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SignUp.html) or first sign-in with a trusted [identity provider](./amazon-cognito-user-pools-authentication-flow-methods.html#amazon-cognito-user-pools-authentication-flow-methods-federated), and on user creation with [AdminCreateUser](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminCreateUser.html). As part of the sign-up process, you can use this function to analyze the sign-in event with custom logic, and modify or deny the new user.
@@ -15,2 +14,0 @@ Shortly before Amazon Cognito signs up a new [local](./cognito-terms.html#terms-
-  * Pre sign-up Lambda flows
-
@@ -19,2 +16,0 @@ Shortly before Amazon Cognito signs up a new [local](./cognito-terms.html#terms-
-  * Sign-up examples
-
@@ -30,12 +25,0 @@ Shortly before Amazon Cognito signs up a new [local](./cognito-terms.html#terms-
-## Pre sign-up Lambda flows
-
-### Client sign-up flow
-
-![Pre sign-up Lambda trigger - client flow](/images/cognito/latest/developerguide/images/lambda-pre-sign-up-1.png)
-
-### Server sign-up flow
-
-![Pre sign-up Lambda trigger - server flow](/images/cognito/latest/developerguide/images/lambda-pre-sign-up-2.png)
-
-The request includes validation data from the client. This data comes from the `ValidationData` values passed to the user pool SignUp and AdminCreateUser API methods.
-
@@ -119,4 +102,0 @@ If the `phone_number` attribute is selected as an alias, an alias will be create
-## Sign-up examples
-
-Your users can sign up in [managed login](./cognito-user-pools-managed-login.html). You can also find SDK example code for the [SignUp](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SignUp.html) operation at [Use SignUp with an AWS SDK or CLI](./cognito-identity-provider_example_cognito-identity-provider_SignUp_section.html).
-
@@ -300 +280 @@ Using Lambda triggers
-Post confirmation Lambda trigger
+Post confirmation