I am working on a Xamarin app that uses AWS Cognito for user authentication. I'm trying to implement a forgot password, and the MFA is setup to use an email confirmation code.

However, when I try entering and using the confirmation code with a new password, I always get the

Invalid code provided, please request a code again. ExpiredCodeException

What I have found through testing is that nothing I send or when I send it changes the error message. If I send a 1 character string(which is obviously not correct) or the actual confirmation code, I get the same error. If I try to use the confirmation code immediately after receiving the email or I wait a few minutes, I get the same error.

The code is pretty simple..

public async Task<bool> ConfirmResetPasswordCodeAsync(string username, string code, string password, BasePageModel pageModel)
{
    try {
        await client.ConfirmForgotPasswordAsync(new ConfirmForgotPasswordRequest { Username = username, ConfirmationCode = code, ClientId = ClientId, Password = password });
        return true;
    } catch(Exception ex) {
        // handle the exception
    }

    return false;
}

So I'm not sure what I am doing wrong. Am I missing a setting somewhere in the AWS admin?

It's not a Xamarin issue, it's an user pool issue.

We had to create a new user pool because we were getting the same error when we tried to validate users' email addresses. We only needed to ask for email addresses, but the previous user pool required usernames, too.

So, recreate a user pool and select from the list what you exactly need. Nothing more.