Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Create the csv (Amazon Cognito Console > Manage User Pools > Select User Pool > Users tab > Import users > Download CSV header. This will give you a .csv file with the header row already included. It should be in utf-8 format.

  2. The following attributes are required:

    1. username

    2. mfa_enabled

    3. email_verified or phone_number_verified

    4. email (if email_verified is true)

    5. phone_number (if phone_number_verified is true)

    6. any other attributes marked as required when the User Pool was created (I assume there are none)

    7. Create and run the User Pool Import Job - choose Create Import Job, give it a name, upload the csv and click Create Job. Then click Start.

  3. You can view the User Pool Import Results in the CloudWatch Console

  4. Users will need to create their password when the first sign in. *** Need to test out a bulk create with a csv and look at how we send out the welcome email ***

  5. Notes on the csv:

    1. attribute values that are strings should not be in quotes

    2. username must be unique in the User Pool and not contain spaces or tabs

    3. birthdate attribute needs to be in US format (urgh) mm/dd/yyyy

    4. mfa_enabled needs to be true for all users

    5. max line length 16000 chars

    6. max csv size is 100MB

    7. max users in the file (i.e. rows) is 500,000

    8. updated_at field value is epoch time in seconds e.g. 1471453471

    9. leading or trailing whitespace will be trimmer

What this means in non-technical terms…

This is the first attempt at defining the actual process in terms of TIS/Oriel etc. It’s a guess so will need to be added to, fixed, scribbled over etc

  1. Users (Trainees) will need an email address and mobile number. The email address will be the username. The phone number will be used for 2FA. Q1 - should we require the email and phone number to both be verified?

Wider Roll-out

The TIS team doesn’t have the resource to manage the users once we get past the initial pilot phase. This will be delegated to local offices - to people who already have access to TIS-Admin as administrators.

...