AWS cognito documentation change
Summary
Expanded explanation of challenge verification process and parameter references
Security assessment
Clarifies authentication flow mechanics but doesn't introduce new security features or address vulnerabilities
Diff
diff --git a/cognito/latest/developerguide/user-pool-lambda-verify-auth-challenge-response.md b/cognito/latest/developerguide/user-pool-lambda-verify-auth-challenge-response.md index 6cedee369..b444fef38 100644 --- a//cognito/latest/developerguide/user-pool-lambda-verify-auth-challenge-response.md +++ b//cognito/latest/developerguide/user-pool-lambda-verify-auth-challenge-response.md @@ -5 +5 @@ -Verify Auth challenge Lambda trigger parametersVerify Auth challenge response example +ParametersExample: compare challenge answer @@ -101 +101,3 @@ If the user successfully completes the challenge, Amazon Cognito sets this param -In this example, the Lambda function checks whether the user's response to a challenge matches the expected response. If the user's response matches the expected response, Amazon Cognito sets the `answerCorrect` parameter to `true`. +This verify auth challenge function checks whether the user's response to a challenge matches the expected response. The user's answer is defined by input from your application and the preferred answer is defined by `privateChallengeParameters.answer` in the response from the [create auth challenge trigger response](./user-pool-lambda-create-auth-challenge.html#aws-lambda-triggers-create-auth-challenge-example). Both the correct answer and the given answer are part of the input event to this function. + +In this example, if the user's response matches the expected response, Amazon Cognito sets the `answerCorrect` parameter to `true`. @@ -129 +131 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -Create auth challenge Lambda trigger +Create auth challenge @@ -131 +133 @@ Create auth challenge Lambda trigger -Pre token generation Lambda trigger +Pre token generation