MFAMethodNotFoundException with SMS MFA required

[martinezguillaume]

Before opening, please confirm:

• I have searched for duplicate or closed issues and discussions.
• I have read the guide for submitting bug reports.
• I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.

JavaScript Framework

React, React Native

Amplify APIs

Authentication

Amplify Version

v6

Amplify Categories

auth

Backend

None

Environment information

  System:
    OS: macOS 15.0.1
    CPU: (8) arm64 Apple M1 Pro
    Memory: 151.73 MB / 16.00 GB
    Shell: 5.9 - /bin/zsh
  Binaries:
    Node: 20.12.2 - ~/.nvm/versions/node/v20.12.2/bin/node
    Yarn: 1.22.17 - /opt/homebrew/bin/yarn
    npm: 10.8.3 - ~/.nvm/versions/node/v20.12.2/bin/npm
    bun: 1.1.28 - /opt/homebrew/bin/bun
    Watchman: 2024.09.09.00 - /opt/homebrew/bin/watchman
  Browsers:
    Chrome: 130.0.6723.117
    Safari: 18.0.1
  npmPackages:
    @amplitude/analytics-react-native: ^1.4.9 => 1.4.9 
    @aws-amplify/react-native: ^1.1.1 => 1.1.1 
    @aws-amplify/ui-react-native: ^2.2.2 => 2.2.2 
    @babel/core: ^7.20.0 => 7.24.7 
    @dev-plugins/react-navigation: ^0.0.6 => 0.0.6 
    @dev-plugins/react-query: ^0.0.6 => 0.0.6 
    @expo-google-fonts/poppins: ^0.2.3 => 0.2.3 
    @expo/vector-icons: ^14.0.0 => 14.0.2 
    @gorhom/bottom-sheet: ^4.6.3 => 4.6.3 
    @lingui/cli: ^4.11.1 => 4.11.1 
    @lingui/macro: ^4.11.1 => 4.11.1 
    @lingui/react: ^4.11.1 => 4.11.1 
    @react-native-async-storage/async-storage: ^1.23.1 => 1.23.1 
    @react-native-community/datetimepicker: 8.0.1 => 8.0.1 
    @react-native-community/netinfo: 11.3.1 => 11.3.1 
    @react-native-community/slider: ^4.5.2 => 4.5.2 
    @react-navigation/elements: ^1.3.31 => 1.3.31 
    @react-navigation/material-top-tabs: ^6.6.14 => 6.6.14 
    @react-navigation/native: ^6.0.2 => 6.1.17 
    @sentry/react-native: ~5.32.0 => 5.32.0 
    @shopify/react-native-skia: 1.2.3 => 1.2.3 
    @storybook/addon-ondevice-actions: ^7.6.20 => 7.6.20 
    @storybook/addon-ondevice-controls: ^7.6.20 => 7.6.20 
    @storybook/react: ^7.6.19 => 7.6.19 
    @storybook/react-native: ^7.6.20 => 7.6.20 
    @stripe/stripe-react-native: 0.37.2 => 0.37.2 
    @svgr/cli: ^8.1.0 => 8.1.0 
    @tanstack/eslint-plugin-query: ^5.50.1 => 5.50.1 
    @tanstack/query-codemods:  4.24.3 
    @tanstack/query-sync-storage-persister: ^5.50.1 => 5.50.1 
    @tanstack/react-query: ^5.49.2 => 5.50.1 
    @tanstack/react-query-persist-client: ^5.50.1 => 5.50.1 
    @types/jest: ^29.5.12 => 29.5.12 
    @types/jsonapi-serializer: ^3.6.8 => 3.6.8 
    @types/react: ~18.2.45 => 18.2.79 
    @types/react-test-renderer: ^18.0.7 => 18.3.0 
    @typescript-eslint/parser: ^7.13.0 => 7.13.0 
    HelloWorld:  0.0.1 
    aws-amplify: ^6.3.6 => 6.3.6 
    aws-amplify/adapter-core:  undefined ()
    aws-amplify/analytics:  undefined ()
    aws-amplify/analytics/kinesis:  undefined ()
    aws-amplify/analytics/kinesis-firehose:  undefined ()
    aws-amplify/analytics/personalize:  undefined ()
    aws-amplify/analytics/pinpoint:  undefined ()
    aws-amplify/api:  undefined ()
    aws-amplify/api/server:  undefined ()
    aws-amplify/auth:  undefined ()
    aws-amplify/auth/cognito:  undefined ()
    aws-amplify/auth/cognito/server:  undefined ()
    aws-amplify/auth/enable-oauth-listener:  undefined ()
    aws-amplify/auth/server:  undefined ()
    aws-amplify/data:  undefined ()
    aws-amplify/data/server:  undefined ()
    aws-amplify/datastore:  undefined ()
    aws-amplify/in-app-messaging:  undefined ()
    aws-amplify/in-app-messaging/pinpoint:  undefined ()
    aws-amplify/push-notifications:  undefined ()
    aws-amplify/push-notifications/pinpoint:  undefined ()
    aws-amplify/storage:  undefined ()
    aws-amplify/storage/s3:  undefined ()
    aws-amplify/storage/s3/server:  undefined ()
    aws-amplify/storage/server:  undefined ()
    aws-amplify/utils:  undefined ()
    babel-loader: ^8.3.0 => 8.3.0 
    babel-plugin-macros: ^3.1.0 => 3.1.0 
    dayjs: ^1.11.11 => 1.11.11 
    eslint: ^8.57.0 => 8.57.0 
    eslint-config-expo: ^7.0.0 => 7.1.2 
    eslint-config-prettier: ^9.1.0 => 9.1.0 
    eslint-import-resolver-typescript: ^3.6.1 => 3.6.1 
    eslint-plugin-import: ^2.29.1 => 2.29.1 
    eslint-plugin-lingui: ^0.3.0 => 0.3.0 
    eslint-plugin-prettier: ^5.1.3 => 5.1.3 
    eslint-plugin-tailwindcss: ^3.17.3 => 3.17.3 
    expo: ~51.0.31 => 51.0.32 
    expo-battery: ~8.0.1 => 8.0.1 
    expo-constants: ~16.0.2 => 16.0.2 
    expo-dev-client: ~4.0.26 => 4.0.26 
    expo-file-system: ~17.0.1 => 17.0.1 
    expo-font: ~12.0.7 => 12.0.10 
    expo-haptics: ~13.0.1 => 13.0.1 
    expo-image: ~1.12.15 => 1.12.15 
    expo-intent-launcher: ~11.0.1 => 11.0.1 
    expo-keep-awake: ~13.0.2 => 13.0.2 
    expo-linking: ~6.3.1 => 6.3.1 
    expo-router: ~3.5.23 => 3.5.23 
    expo-sharing: ~12.0.1 => 12.0.1 
    expo-splash-screen: ~0.27.5 => 0.27.5 
    expo-status-bar: ~1.12.1 => 1.12.1 
    expo-system-ui: ~3.0.7 => 3.0.7 
    expo-updates: ~0.25.24 => 0.25.24 
    expo-web-browser: ~13.0.3 => 13.0.3 
    express:  0.0.0 
    jest: ^29.2.1 => 29.7.0 
    jest-expo: ~51.0.4 => 51.0.4 
    jsonapi-serializer: ^3.6.9 => 3.6.9 
    lodash: ^4.17.21 => 4.17.21 
    nativewind: ^4.1.10 => 4.1.10 
    onesignal-expo-plugin: ^2.0.3 => 2.0.3 
    patch-package: ^8.0.0 => 8.0.0 
    prettier: ^3.3.1 => 3.3.1 (2.8.8)
    react: 18.2.0 => 18.2.0 
    react-dom: 18.2.0 => 18.2.0 
    react-native: 0.74.5 => 0.74.5 
    react-native-confirmation-code-field: ^7.4.0 => 7.4.0 
    react-native-gesture-handler: ~2.16.1 => 2.16.2 
    react-native-get-random-values: ^1.11.0 => 1.11.0 
    react-native-keyboard-controller: ^1.12.5 => 1.12.5 
    react-native-mmkv: ^2.12.2 => 2.12.2 
    react-native-onesignal: ^5.2.2 => 5.2.2 
    react-native-pager-view: 6.3.0 => 6.3.0 
    react-native-progress: ^5.0.1 => 5.0.1 
    react-native-reanimated: ~3.10.1 => 3.10.1 
    react-native-safe-area-context: 4.10.5 => 4.10.5 
    react-native-screens: 3.31.1 => 3.31.1 
    react-native-svg: 15.2.0 => 15.2.0 
    react-native-tab-view: ^3.5.2 => 3.5.2 
    react-native-toast-message: ^2.2.0 => 2.2.0 
    react-native-url-polyfill: ^2.0.0 => 2.0.0 
    react-native-web: ~0.19.10 => 0.19.12 
    react-native-wheely: ^0.6.0 => 0.6.0 
    react-test-renderer: 18.2.0 => 18.2.0 
    tailwind-variants: ^0.2.1 => 0.2.1 
    tailwindcss: ^3.4.4 => 3.4.4 
    ts-node: ^10.9.2 => 10.9.2 
    typescript: ~5.5.4 => 5.5.4 
    victory-native: ^41.0.2 => 41.0.2 
    zod: ^3.23.8 => 3.23.8 
    zustand: ^4.5.2 => 4.5.2 
  npmGlobalPackages:
    corepack: 0.25.2
    eas-cli: 12.6.1
    npm: 10.8.3

Describe the bug

Hi,
I'm using the package aws-amplify/auth and I have a problem with authentification with SMS MFA.
In the connexion of an user that don't have a phone number yet, it returns an error MFAMethodNotFoundException and it is impossible to login.
I don't have the screen "Set up SMS MFA" existing in the Hosted UI. When I'm trying to use updateUserAttribute to update the user phone attribute, it returns the error UserUnAuthenticatedException.
How can I update the phone of an user, that don't have a phone yet and with SMS MFA required.
Thanks for your help

Expected behavior

When a user don't have the phone attribute define, and with SMS MFA required, it should redirect to a screen like the one in hosted ui after the user tries to signin

Reproduction steps

1. Enable SMS MFA and put it to required
2. Create a user without a phone number
3. Try to connect with @aws-amplify/ui-react-native or @aws-amplify/ui-react
4. Returns an error MFAMethodNotFoundException without the possibility to setup a phone number

Code Snippet

No response

Log output

No response

aws-exports.js

No response

Manual configuration

No response

Additional configuration

No response

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

[cwomack]

Hey, @martinezguillaume 👋. Can you clarify if this is a Gen 1 app (using CLI to provision backend resources like your User Pool) or if this is Gen 2 (CDK, with defineAuth backend file)? Did you require a phone number as an attribute for the User Pool or was MFA and the usage of phone numbers added after the fact? For context, Cognito doesn't support MFA setup for SMS outside of the Hosted UI as well.

Also, any frontend code that you can provide tied this authentication flow might be helpful as well. Thanks!

[martinezguillaume]

Hi and thanks for your answer !
I'm directly to AWS resource without using backend like in the doc. My config look like this

import { Amplify } from "aws-amplify"

Amplify.configure({
  Auth: {
    Cognito: {
      userPoolId: "<your-cognito-user-pool-id>",
      userPoolClientId: "<your-cognito-user-pool-client-id>",
      identityPoolId: "<your-cognito-identity-pool-id>",
      loginWith: {
        email: true,
      },
      signUpVerificationMethod: "code",
      userAttributes: {
        email: {
          required: true,
        },
      },
      allowGuestAccess: true,
      passwordFormat: {
        minLength: 8,
        requireLowercase: true,
        requireUppercase: true,
        requireNumbers: true,
        requireSpecialCharacters: true,
      },
    },
  },
})

The phone attribute is not required, and the MFA was added after. In my case, it's an admin that is creating the user (without a phone), and I would like the user to setup his phone and MFA on first signin (like hosted ui).
I'm using @aws-amplify/ui-react-native & @aws-amplify/ui-react to handle the signin & signup.

[cwomack]

@martinezguillaume, appreciate the additional context. It also sounds like you're using the Authenticator component then based on the packages referenced above. Any chance you could provide that frontend code where the Authenticator is being used or the Auth API's are being called?

As stated before, Cognito doesn't support MFA setup for SMS outside of the Hosted UI. Is the admin that's creating these users in the Cognito console also confirming/updating the user beyond their initial creation?