verify_software_token
Validate time-based one-time passwords (TOTP) for multi-factor authentication in AWS Cognito user pools to enhance account security.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| username | Yes | | |
| totpCode | Yes | | |
Implementation Reference
- index.ts:854-914 (handler) The handler function implements the core logic for verifying the software token (TOTP code): it retrieves the user's session, then calls AWS Cognito's verifySoftwareToken method.
  ```typescript
  async ({ username, totpCode }) => {
    return new Promise((resolve, reject) => {
      const cognitoUser = new CognitoUser({
        Username: username,
        Pool: userPool
      });

      // A valid session is required before the token can be verified.
      cognitoUser.getSession((err: Error | null, _session: CognitoUserSession) => {
        if (err) {
          reject({
            content: [
              {
                type: "text" as const,
                text: `Error getting session: ${err.message}`,
              }
            ]
          });
          return;
        }

        // Submit the code; 'TOTP Authenticator App' is the friendly device name.
        cognitoUser.verifySoftwareToken(totpCode, 'TOTP Authenticator App', {
          onSuccess: (result) => {
            resolve({
              content: [
                {
                  type: "text" as const,
                  text: "TOTP token verified successfully",
                },
                {
                  type: "text" as const,
                  text: `Username: ${username}`,
                },
                {
                  type: "text" as const,
                  text: `Status: ${result || 'SUCCESS'}`,
                },
                {
                  type: "text" as const,
                  text: `Time: ${new Date().toISOString()}`,
                }
              ]
            });
          },
          // The Cognito error message and code are returned to the caller as-is.
          onFailure: (err) => {
            reject({
              content: [
                {
                  type: "text" as const,
                  text: `Failed to verify TOTP token: ${err.message}`,
                },
                {
                  type: "text" as const,
                  text: `Error code: ${(err as any).code || 'Unknown'}`,
                }
              ]
            });
          }
        });
      });
    });
  }
  ```
- index.ts:850-852 (schema) The input schema defining the parameters 'username' and 'totpCode', validated with Zod. Both are accepted as arbitrary strings.
  ```typescript
  {
    username: z.string(),
    totpCode: z.string()
  }
  ```
- index.ts:848-915 (registration) The registration of the 'verify_software_token' tool using server.tool(), specifying name, input schema, and handler function.
  ```typescript
  server.tool(
    "verify_software_token",
    // Input schema
    {
      username: z.string(),
      totpCode: z.string()
    },
    // Handler
    async ({ username, totpCode }) => {
      return new Promise((resolve, reject) => {
        const cognitoUser = new CognitoUser({
          Username: username,
          Pool: userPool
        });

        cognitoUser.getSession((err: Error | null, _session: CognitoUserSession) => {
          if (err) {
            reject({
              content: [
                {
                  type: "text" as const,
                  text: `Error getting session: ${err.message}`,
                }
              ]
            });
            return;
          }

          cognitoUser.verifySoftwareToken(totpCode, 'TOTP Authenticator App', {
            onSuccess: (result) => {
              resolve({
                content: [
                  {
                    type: "text" as const,
                    text: "TOTP token verified successfully",
                  },
                  {
                    type: "text" as const,
                    text: `Username: ${username}`,
                  },
                  {
                    type: "text" as const,
                    text: `Status: ${result || 'SUCCESS'}`,
                  },
                  {
                    type: "text" as const,
                    text: `Time: ${new Date().toISOString()}`,
                  }
                ]
              });
            },
            onFailure: (err) => {
              reject({
                content: [
                  {
                    type: "text" as const,
                    text: `Failed to verify TOTP token: ${err.message}`,
                  },
                  {
                    type: "text" as const,
                    text: `Error code: ${(err as any).code || 'Unknown'}`,
                  }
                ]
              });
            }
          });
        });
      });
    }
  )
  ```
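The schema above accepts any string as `totpCode`, and the handler returns Cognito's error message and code to the caller unchanged. The following is an added example, not code from the project: two dependency-free helpers that could sit in front of and behind the `verifySoftwareToken` call. The names `normalizeTotpCode` and `classifyFailure`, the six-digit assumption, and the choice of which Cognito exception names to collapse are assumptions of this example.

```typescript
// Added example; helper names are hypothetical, not part of index.ts.
type TextContent = { type: "text"; text: string };

// Assumption: codes are exactly six ASCII digits. Separators that users
// paste ("123 456", "123-456") are stripped before the check.
function normalizeTotpCode(raw: string): string | null {
  if (raw.length > 16) return null; // bound the work done on oversized input
  const compact = raw.replace(/[\s-]/g, "");
  return /^[0-9]{6}$/.test(compact) ? compact : null;
}

// Cognito exception names whose distinction would tell a caller whether the
// account exists or how its MFA is configured.
const INDISTINCT_CODES = [
  "CodeMismatchException",
  "EnableSoftwareTokenMFAException",
  "NotAuthorizedException",
  "SoftwareTokenMFANotFoundException",
  "UserNotFoundException",
];

// Split a failure into the text returned to the caller and a single-line
// record for the server-side log.
function classifyFailure(err: unknown): { content: TextContent[]; log: string } {
  const e = (typeof err === "object" && err !== null ? err : {}) as {
    code?: unknown;
    message?: unknown;
  };
  const code = typeof e.code === "string" ? e.code : "Unknown";
  const message = typeof e.message === "string" ? e.message : "";
  // Remove line breaks so the message cannot forge extra log entries.
  const log = `verify_software_token failed code=${code} msg=${message.replace(/[\r\n]+/g, " ")}`;

  let text = "TOTP verification could not be completed.";
  if (code === "TooManyRequestsException") {
    text = "Too many attempts. Try again later.";
  } else if (INDISTINCT_CODES.indexOf(code) !== -1) {
    text = "TOTP verification failed.";
  }
  return { content: [{ type: "text", text }], log };
}
```

In the handler, a `null` from `normalizeTotpCode` would be rejected before any call to Cognito, and `onFailure` would return `classifyFailure(err).content` while writing `log` to the server's own log.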