amplify-swift
amplify-swift copied to clipboard
aws-amplify
Amplify auth delete with added security
Is your feature request related to a problem? Please describe.
I would like to request a feature for adding security layer to account deactivation. It seems when user wants to remove his account we can just call .delet() without any parameter. This is very dangerous as it can be misused if someone get access to the user's device. i.e. his child can open the app without needing to login and deactivate his account.
Describe the solution you'd like
Add a security layer like asking the user login password and / or confirmation code that is sent to his email.
Describe alternatives you've considered
- Very password
- Email confirmation code
Is the feature request related to any of the existing Amplify categories?
Auth
Additional context
No response
This has been identified as a feature request. If this feature is important to you, we strongly encourage you to give a 👍 reaction on the request. This helps us prioritize new features most important to you. Thank you!
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
@elusivestudio This is something that is not supported by AWSCognito. For the time being, I suggest to implement some client side logic for accidental deletion of accounts.
Meanwhile, I will follow up with the service team.
Yes I have to implemented a backend api to add a security layer with a confirmation code. But I thought I should report this as it would be nice if Amplify can handle it for us.