Cognito and users with the unique email

How to not allow users to register with the existing e-mail

Friday, May 15, 2020

Share this page:

Issue: duplicate emails in Cognito

You would expect to receive an error trying to sign up an account with an email address that is already verified and attached to another account.

Reality

If you use “username” login and “allow email logins” then Cognito allows multiple accounts to have the same email address. For the purpose of logging in it will point to only one of those accounts (the verified one).

Solution

As always, there is an infinite number of solutions, but here are 2 I consider acceptable for most:

“Win-Lose”: set up UserPool with no username

You can setup your user pool through Cognito Users Pools in the AWS console and select “Email address or phone number” when asked how you want your users to login. Once your pool is setup correctly you won’t be allowed to register an account twice with the same email address.

Do not select “Username” then “Also allow sign in with verified email address”. This does what you’re experiencing. Do not use AWS Mobile Hub as this sets up the pool using “Username” and does what you’re experiencing.

Win-WIn: Use your ninja coding skills

You can always do this in your code. It’s a win-win from a functionality point of view, but… it might add some latency.

← Previous