AWS Security ChangesHomeSearch

AWS cognito documentation change

Service: cognito · 2026-01-25 · Documentation low

File: cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_VerifySoftwareToken_section.md

Summary

Added SAP ABAP SDK code example for VerifySoftwareToken API with MFA verification logic and error handling

Security assessment

Documents security-related MFA verification implementation but does not indicate fixes for vulnerabilities. The example shows proper security practice for token validation.

Diff

diff --git a/cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_VerifySoftwareToken_section.md b/cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_VerifySoftwareToken_section.md
index 045ddcb4b..c5c7329e5 100644
--- a//cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_VerifySoftwareToken_section.md
+++ b//cognito/latest/developerguide/cognito-identity-provider_example_cognito-identity-provider_VerifySoftwareToken_section.md
@@ -293,0 +294,39 @@ There's more on GitHub. Find the complete example and learn how to set up and ru
+SAP ABAP
+    
+
+**SDK for SAP ABAP**
+    
+
+###### Note
+
+There's more on GitHub. Find the complete example and learn how to set up and run in the [AWS Code Examples Repository](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/cgp#code-examples). 
+    
+    
+        TRY.
+            DATA(lo_result) = lo_cgp->verifysoftwaretoken(
+              iv_session = iv_session
+              iv_usercode = iv_user_code
+            ).
+    
+            ov_status = lo_result->get_status( ).
+    
+            IF ov_status = 'SUCCESS'.
+              MESSAGE 'MFA token verified successfully.' TYPE 'I'.
+            ELSE.
+              MESSAGE |MFA verification status: { ov_status }.| TYPE 'I'.
+            ENDIF.
+    
+          CATCH /aws1/cx_cgpcodemismatchex INTO DATA(lo_code_ex).
+            MESSAGE 'Invalid MFA code provided.' TYPE 'E'.
+    
+          CATCH /aws1/cx_cgpenbsoftwaretokmf00 INTO DATA(lo_enabled_ex).
+            MESSAGE 'Software token MFA is already enabled.' TYPE 'E'.
+        ENDTRY.
+    
+    
+
+  * For API details, see [VerifySoftwareToken](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html) in _AWS SDK for SAP ABAP API reference_. 
+
+
+
+