AWS Security ChangesHomeSearch

AWS code-library high security documentation change

Service: code-library · 2026-01-25 · Security-related high

File: code-library/latest/ug/cognito-identity-provider_example_cognito-identity-provider_VerifySoftwareToken_section.md

Summary

Added SAP ABAP code example for VerifySoftwareToken operation

Security assessment

The VerifySoftwareToken operation implements multi-factor authentication (MFA), a core security control. The example shows proper error handling for invalid MFA codes and already-enabled tokens, directly addressing authentication security.

Diff

diff --git a/code-library/latest/ug/cognito-identity-provider_example_cognito-identity-provider_VerifySoftwareToken_section.md b/code-library/latest/ug/cognito-identity-provider_example_cognito-identity-provider_VerifySoftwareToken_section.md
index df4f4b5dd..1a908a0ec 100644
--- a//code-library/latest/ug/cognito-identity-provider_example_cognito-identity-provider_VerifySoftwareToken_section.md
+++ b//code-library/latest/ug/cognito-identity-provider_example_cognito-identity-provider_VerifySoftwareToken_section.md
@@ -295,0 +296,39 @@ There's more on GitHub. Find the complete example and learn how to set up and ru
+SAP ABAP
+    
+
+**SDK for SAP ABAP**
+    
+
+###### Note
+
+There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/cgp#code-examples). 
+    
+    
+        TRY.
+            DATA(lo_result) = lo_cgp->verifysoftwaretoken(
+              iv_session = iv_session
+              iv_usercode = iv_user_code
+            ).
+    
+            ov_status = lo_result->get_status( ).
+    
+            IF ov_status = 'SUCCESS'.
+              MESSAGE 'MFA token verified successfully.' TYPE 'I'.
+            ELSE.
+              MESSAGE |MFA verification status: { ov_status }.| TYPE 'I'.
+            ENDIF.
+    
+          CATCH /aws1/cx_cgpcodemismatchex INTO DATA(lo_code_ex).
+            MESSAGE 'Invalid MFA code provided.' TYPE 'E'.
+    
+          CATCH /aws1/cx_cgpenbsoftwaretokmf00 INTO DATA(lo_enabled_ex).
+            MESSAGE 'Software token MFA is already enabled.' TYPE 'E'.
+        ENDTRY.
+    
+    
+
+  * For API details, see [VerifySoftwareToken](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in _AWS SDK for SAP ABAP API reference_. 
+
+
+
+