Automate AWS Cognito SignUp and Confirm User flows using Java


As we all know, AWS facilitates the Developers and QA Engineers with AWS CLI to register and confirm new users in AWS. This AWS CLI executes the simple command which takes a few parameters like Username, Password, Email and AWS clientId, etc. to register new users. This is a simple yet repetitive task in your testing cycles. Moreover, you may need to test your app with different scenarios like Create User, Confirm the newly Registered User, and Perform actions with the new user in the AUT (Application Under Test). It is also important to automate the AWS Sign up and Confirm User flows. There are multiple tools available to automate this procedure, and if you choose to do it with Rest Assured + Java, this article is going to help you with end to end solution. Let’s first revisit the signup and confirm user flows using AWS CLI and then understand how to automate the procedures using Java.

  1. Sign up User using AWS CLI:
    aws cognito-idp sign-up \
    — client-id <AWS clientId>\
    — username eliminatorMP \
    — password Test@1234 \
    — user-attributes Name=”email”,

    Please replace <AWS clientId> with AWS clientId.
    e.g. 12vrftc79p5s797giuehig1ddr
  2. This will create a new user in AWS Cognito and the user will receive the OTP/Verification code in the email address provided in the above command. Using the OTP/Verification code, we need to confirm the user identity.
  3. Confirm User:
    aws cognito-idp sign-up \
    — client-id <AWS clientId> \
    — username eliminatorMP \
    — confirmation-code 123456

Please replace <AWS clientId> with AWS clientId.
e.g. 12vrftc79p5s797giuehig1ddr

The user is registered successfully and able to log in to the application using the username and password and perform the actions in the app.

Automate SignUp and Confirm User flows using RestAssured + Java

Let’s understand how the above two steps can be automated using Java and can be used in your Rest Assured API Testing framework.

Create Java Class File and name it to

package com.AWSRestAssured.util;import com.amazonaws.auth.SystemPropertiesCredentialsProvider;
import com.amazonaws.regions.Regions;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import static com.amazonaws.SDKGlobalConfiguration.ACCESS_KEY_SYSTEM_PROPERTY;
import static com.amazonaws.SDKGlobalConfiguration.SECRET_KEY_SYSTEM_PROPERTY;
import static com.digitalfuel.core.Config.EMAIL_TEMPLATES_JSON;
public class AWSCognitoUtils {

public static String accessKey = null;
public static String secretKey = null;
public static String clientId = null ;
public static String poolId = null;
public static AWSCognitoIdentityProvider provider;
public static Regions regions;

public void signUp(String username, String password, String emailAddress) {
SignUpRequest signUpRequest = new SignUpRequest()
public void confirmSignup(String username){
MailReader mailReader = new MailReader();
String otpEmailBody;
String otpCode;
String otpEmailSubject = "Your verification code";

//You need to create MailReader util method which read the OTP from email body as per your email format.
otpCode = mailReader.readEmail(otpEmailSubject);;

provider.confirmSignUp(new ConfirmSignUpRequest().withUsername(username).withClientId(clientId).withConfirmationCode(otpCode));
public static List<AttributeType> getUserAttributes(String emailAddress) {
ArrayList<AttributeType> attributes = new ArrayList<>();
attributes.add(new AttributeType().withName("email").withValue(emailAddress));
return attributes;
public static void setupCognito(){
regions = <Provide AWS Region name e.g. Regions.EU_WEST_1>;
accessKey = “<Replace your accessKey>”;
secretKey = “<Replace your secretKey>”;
clientId = “<Replace your clientId>”;
poolId = “<Replace your poolId>”;
System.setProperty(ACCESS_KEY_SYSTEM_PROPERTY, accessKey); System.setProperty(SECRET_KEY_SYSTEM_PROPERTY, secretKey);

provider = AWSCognitoIdentityProviderClientBuilder.standard()
.withRegion(regions).withCredentials(new SystemPropertiesCredentialsProvider()).build();

Security Notes: I strongly recommend keeping your AWS accessKey/secretKey/clientId/poolId secured. You may keep it in the separate config file and add that config file in the .gitignore file to skip it pushing to the git repository. If you are using any CI/CD pipeline, please use the best practices provided to keep the above information secured.

That’s it..!! Your Test User is registered successfully and ready to use in your RestAssured API test cases.

Happy Testing…. Very Happy Automated Testing…. :)



Maulikkumar Patel
An Automation and Functional QA Evangelist




Automation and Functional QA Evangelist

Love podcasts or audiobooks? Learn on the go with our new app.

Split Your Screen with IPEVO Visualizer Software

Split Your Screen with IPEVO Visualizer Software

Laravel Model Custom Logs Using Traits

All my self-improvement articles

Developers’ self-improvement

Creating a no-code AWS native OLTP to OLAP data pipeline — Part 1

How to Deploy Elixir Modules @ Different Nodes?

Android Testing

Application Security for builders and creators

Claire, the AppSec, joins Alice and Bob

droidcon Americas — A Sneak Peek!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Maulikkumar Patel

Maulikkumar Patel

Automation and Functional QA Evangelist

More from Medium

AWS EC2 with Java SDK — Part 2

How to Use AWS Parameter Store

Let's create an API in Spring Boot

Deploying Spring Boot App to AWS using CircleCI — Complete guide