'Is it possible to prevent UsernameExistsException from happening for AWS Cognito?

I feel that it is unsafe for UsernameExistsException to happen when a user tries to sign up with an email address that is already created because a hacker can just use random email addresses to try signing up to check if an account has been created for such emails.

Ideally, AWS Cognito will not throw an error when an already-used email address is used for signing up and instead return a successful response, sending an email to the address that someone attempted to sign up.

Is this possible to do in AWS Cognito? I've checked these pages so far but had no luck.

https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-managing-errors.html

https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html

amazon-cognito


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

Getting Amazon Cognito Access Token in Java

How To Verify Access Token on Server

Cognito SMS Auth to SNS in a different region

Using an API key in Amazon API Gateway

How to use multiple Cognito user pools for a single endpoint with AWS API Gateway?

How to change background of aws amplify/cognito login/signup screen

AWS Cognito in place of Keycloak [closed]

Can one set email_verified to true in Cognito programmatically? How?

How to get x-amzn-oidc-data in Expres/NodeJs backend with ALB and Cognito?

Automatically confirming Cognito users after they complete NEW_PASSWORD_REQUIRED challenge

AWS Cognito; unauthorized_client error when hitting /oauth2/token

AWS Cognito; unauthorized_client error when hitting /oauth2/token

AWS: Authorize users to specific clients

How to return json from callback function within the Lambda?

AWS Cognito delete-custom-attributes?