How can you require verification of Phone Number and Email before issuing tokens from InitiateAuth call?

[garvinguan]

If a user submits both an email and phone number to Cognito, a verification code for phone is sent and a custom separate workflow is needed for email verification as described in the docs.

https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html

Since we want to require both fields (email / phone) to be verified), there are a few issues.

• We have to wait for the phone number to be verified before even starting the email verification process. This is because an access token is required from InitiateAuth in order to make the GetUser request which is needed to start the GetUserAttributeVerificationCodeRequest API call
• Even after that, a GetUser needs to be made before every InitiateAuth call because pending email verification does not block InitiateAuth from issuing an access token

Is there a better workflow for requesting phone and email verification codes at the same time?