Our TestFlight request has been rejected bucause a reviewer could not signin with Cognito HostedUI.
We have activated AWS Cognito Advanced Security, and the reviewer's signin trial was detected as a high-risk activity. The Cognito user account which the reviewer used had valid email and password. So I guess the reviewer tries some common bad signin evaluations.
How can we pass the review? The reviewer could not provide us IP information, so we cannot exclude their IP. In addition, the Advanced Security should be active due to security requirements. I believe Cognito and its Advanced Security is common and others used them like us.