Sets the user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in.
See https://www.paws-r-sdk.com/docs/cognitoidentityprovider_admin_set_user_mfa_preference/ for full documentation.
cognitoidentityprovider_admin_set_user_mfa_preference(
SMSMfaSettings = NULL,
SoftwareTokenMfaSettings = NULL,
EmailMfaSettings = NULL,
Username,
UserPoolId
)User preferences for SMS message MFA. Activates or deactivates SMS MFA and sets it as the preferred MFA method when multiple methods are available.
User preferences for time-based one-time password (TOTP) MFA. Activates or deactivates TOTP MFA and sets it as the preferred MFA method when multiple methods are available.
User preferences for email message MFA. Activates or deactivates email MFA and sets it as the preferred MFA method when multiple methods are available. To activate this setting, advanced security features must be active in your user pool.
[required] The username of the user that you want to query or modify. The value of
this parameter is typically your user's username, but it can be any of
their alias attributes. If username isn't an alias attribute in your
user pool, this value must be the sub of a local user or the username
of a user from a third-party IdP.
[required] The ID of the user pool where you want to set a user's MFA preferences.