Auth Get Device Details API

[mithunkavullakandiyil]

Currently, in Amplify Auth Library, three APIs available which are related to devices. ((void)rememberDevice, (void)forgetDevice and (list)fetchDevices). There is no way to identify the current device from the devices list returned by fetchDevices API method.

Need a API to get the current device.

[abdallahshaban557]

Hi @mithunkavullakandiyil - thank you for submitting this feature request! Can you please elaborate a bit more on this use case?

[mithunkavullakandiyil]

For our app users, we would like to limit the number of devices they have signed in. The users can manage their devices (Basically, remove devices) so that another device can be added to the list.

This is to limit the number of devices which can be used with a single user account.

[samuelcastro]

I'm facing the same issue. No way to identify the current device to allow users to remove it.

Which is available in the IOS sdk, not in the JavaScript: https://docs.amplify.aws/sdk/auth/device-features/q/platform/ios/#get-device-details

@abdallahshaban557 Any feedback here?

Thanks!

[abdallahshaban557]

Hi @samuelcastro @mithunkavullakandiyil , we have captured this request in our backlog. Thank you for the feedback!

[dtodt]

I'm facing a different use case. In my app, the user cannot have concurrent signed-in devices, so if he sign's in on another device, I must ask him to confirm then sign-out/forget the other device.

Are there any plans to bring this feature to the flutter version?

Thanks.

[Jordan-Nelson]

No way to identify the current device to allow users to remove it.

@samuelcastro - Do you mind expanding on this a bit? The forgetDevice() API would allow you to remove the current device. Would you be able to elaborate on the experience you would like to achieve?

[Jordan-Nelson]

In my app, the user cannot have concurrent signed-in devices, so if he sign's in on another device, I must ask him to confirm then sign-out/forget the other device.

@dtodt - Would you be able to share how you plan to use the current device info to achieve this? Would you plan to do something like the following?

• Log user in
• Fetch known devices
• Compare list of known devices to current device
• If any known devices exist that are not the current device, display a message to the user and log them out

[Jordan-Nelson]

For our app users, we would like to limit the number of devices they have signed in. The users can manage their devices (Basically, remove devices) so that another device can be added to the list.

This is to limit the number of devices which can be used with a single user account.

This sounds similar to @dtodt's request, although I am not sure if you also intend for there to be a hard limit of 1 device logged in. Do you mind elaborating on the experience you are hoping to achieve and how you would like to use this API?

[dtodt]

Banking like apps, @Jordan-Nelson.

We actually made a workaround to this issue.

Now we don't use the amplify device control anymore, we made the control ourselves.

Which consists, in:

• store the client device id in a cognito user property;
• when the user signs in, we check if the current device is the same;
• if isn't, we redirect the user to a replace device flow, otherwise the sign in flow continues.

The only difference is that we manage the device id manually.

[akaunteban]

The behavior described by @dtodt is a workaround of the most efficient solution due you have to add additional attributes to the user and need access to the deviceId.

In the Pull Request #4642 there is an implementation of the API required to implement the most efficient solution.

[lucashfreitas]

Can't you extract it from the accessToken payload? see this issue https://github.com/aws-amplify/amplify-js/issues/13244