Questions tagged [aws-cognito]

1

votes
1

answer
415

Views

AWS Cognito User Pool Sign In Missing Authentication Token

I am trying to authenticate my user in a Xamarin Forms cross platform app using AWS Cognito User Pools. I am able to sign up a user using the SignUpAysnc() and I can see it populate in the user pool in the AWS console. CognitoUserPool userPool = AmazonUtils.UserPool; Dictionary userAttributes = new...
Poodle Galluzzo
1

votes
0

answer
148

Views

How do you use a Facebook token to create a user in a Cognito User Pool, as depicted in AWS demo slides?

Amazon Web Services provided the following slides to explain some of the features of AWS Cognito. The slide below purports to show that you can get a Facebook token from Facebook login, and use that token to authenticate a user (or presumably create a new user) in a Cognito User Pool, which will in...
CodyBugstein
1

votes
0

answer
158

Views

Using Google Login with Cognito Identity Pool to Authorize Lambda HTTP Requests

I'm sure someone must have gone through scenario; however, I have not been able to find some documentation/samples covering it. What I'm attempting to do Expose several REST endpoints using Lambda (severless), so this is a registered api with the api gateway Some of these endpoints require a user au...
Sam
1

votes
1

answer
94

Views

How to support retries in AWSCognitoIdentityCustomAuthentication

I'm using AWS User Pools on iOS. The interface AWSCognitoIdentityCustomAuthentication has two key functions: func getCustomChallengeDetails(_ authenticationInput: AWSCognitoIdentityCustomAuthenticationInput, customAuthCompletionSource: AWSTaskCompletionSource) and func didCompleteStepWithError(_ err...
Carl
1

votes
1

answer
406

Views

How to add cognito user pool authorizer to Lambda Proxy integration in Cloud Formation Template?

I have the following cloud formation JSON template. This template is the default template provided by AWS for C#(Dotnet) Web API Lambda proxy integration. { 'AWSTemplateFormatVersion' : '2010-09-09', 'Transform' : 'AWS::Serverless-2016-10-31', 'Description' : 'An AWS Serverless Application that use...
Deepan Cool
1

votes
1

answer
168

Views

AWS Cognito pools, with Facebook and Required attribute as “Phone Number”

I've created a AWS Cognito pool with Phone Number as required attribute and Facebook as one of federations. Since FB do not provide any Phone number during Oauth is there any workaround to map 'any other FB attribute' to phone number so as user id is created (the attribute once in pool, can be chang...
Shambhurao Rane
1

votes
0

answer
38

Views

Implementing sign up with aws cognito in android without hosting

I'm trying to implement User Sign-In and Sign-Up using Amazon Cognito user pools for an Android App without any hosting. I'm a beginner at AWS Cognito, however, I was able to create a User pool successfully and integrate Federated Identities to the user pool as well. I read many articles and did a l...
Cassendra44
1

votes
0

answer
109

Views

AWS Cognito sign-on in iOS: don't ask for phone #

I'm going through the AWS tutorial on integrating AWS with mobile apps. The default sign up view controller has a field for the phone number. I made the email the only required field in the Cognito console. I also disabled sign-in with phone number. Is there a way to remove the phone number field fr...
Macondo2Seattle
1

votes
0

answer
179

Views

How to get device last activity date in AWS Cognito?

I have a web application where one user can be authenticated in many devices in the same time. Each device sends its geo location coordinates to AWS API Gateway (AWS lambda function) every 30 seconds. The lambda function has to save coordinates to DB only from device which is authenticated later tha...
Ildar
1

votes
0

answer
96

Views

How to integrate AWS Cognito federated identities in a production environment?

I have been trying to integrate a solution for user authentication and authorization in a serverless web application that uses Api gateway and is exposed to customers. Users login through Cognito user pools and obtain temporary AWS access keys through Cognito federated identities, which are then use...
Jesuspc
1

votes
1

answer
540

Views

How to verify the Signature of a JWT generated by AWS Cognito in Python 3.6?

Here's my script import urllib.request import json import time from jose import jwk, jwt from jose.utils import base64url_decode import base64 region = '....' userpool_id = '.....' app_client_id = '...' keys_url = 'https://cognito-idp.{}.amazonaws.com/{}/.well-known/jwks.json'.format(region, userpo...
KyelJmD
1

votes
1

answer
251

Views

Can one set email_verified to true in Cognito programmatically? How?

When I update the cognito users' email attribute via the updateAttribute or adminUpdateAttribute API, email_verified will be set to false. So I'd like to set email_verified to true programitically. My understanding is that it should use GetUserAttributeVerificationCode and VerifyUserAttribute API to...
R.yama
1

votes
0

answer
257

Views

How to get profile data using AWS Cognito with Boto3 and OAuth?

Okay, so after a user logs in, I want to get their profile data. So the way I tried doing that was via boto3.client('cognito-idp').get_user but it keeps returning: NotAuthorizedException: An error occurred (NotAuthorizedException) when calling the GetUser operation: Access Token does not have requir...
Joseph Manley
1

votes
0

answer
97

Views

Any decent NPMs to get AWS Cognito Authentication working with Node.js/Express?

Might just be that I'm getting documentation fatigue (going through the rabbit hole that is the AWS docs)...but I'm not finding any turnkey NPM/examples to Authenticate Users against AWS Cognito, in Node.js/Express. I've seen quite a few examples but all either bomb out, are incomplete/vague or req...
gMoney
1

votes
0

answer
241

Views

Amazon Cognito: PreSignUp_SignUp Lambda Trigger Event

How do I access the user attributes and username of a user created by adminCreateUser API inside of Lambda Function. I know the event sample for normal signup is: { 'version': 1, 'triggerSource': 'PreSignUp_SignUp', 'region': '', 'userPoolId': '', 'userName': '', 'callerContext': { 'awsSdk': '', 'cl...
Manoj Acharya
1

votes
1

answer
172

Views

Is there a boto3 funciton to convert authorization_code into authorization_token

My project is python and using boto3 lib. I'm using aws cognito Authorization code grant flow with return_type=code instead of return_type=token (implicit flow). Once my user is authorized my redirect url is injected with the queryStringParameter code=4d55a121-8ffc-4058-844b-xxxx. outlined here I n...
knittledan
1

votes
2

answer
713

Views

Can't destroy AWS Cognito session from within React application

I'm trying to log out of my application that's using AWS Cognito by calling their logout endpoint. I'm not using the AWS SDK because as far as I can tell, it does not yet cover oauth app integrations and sign in using external federated identity providers (please correct me if I'm wrong about that)....
Scott Letkeman
1

votes
1

answer
34

Views

AWS cognito getting weird message although user still exist

What does this message mean? User still exist in aws cognito. NotAuthorizedException: The user has been deleted for the associated refresh token
Shashwat Tripathi
1

votes
1

answer
213

Views

Xamarin .NET C# AWS Cognito Identity Pool Login

I created a Xamarin.Form, cross-platform mobile application in Visual Studio Community 2017. I created a login page and want to integrate with AWS Identity Pool, but seems that I can't found an working example. What I found: Here - I implemented the Login from here, but when I try to Log in I got an...
Mihai Catan
1

votes
1

answer
364

Views

How to use Federation from a User Pool (not from an Identity Pool)!

I'm trying to use Federation from a User Pool. Note, I am not talking about Federated Identity Pool a different concept. Is there a SignIn API for federated users or is just a hosted UI Does the app 'have to' open a browser on a Sign In URL that looks like https://XXXXXX.au=th.XXXXX.amazoncognito.co...
mipnw
1

votes
1

answer
210

Views

Serverless deployed lambda not invoking callbacks.

I am pretty new to serverless and I have come across a bizarre situation. I have created a lambda function which lists the users from the cognito user pool. I have used cognitoidentityserviceprovider.listUsers to get the user list from user pool. I tried creating the lambda function using serverless...
Unnikrishnan M R
1

votes
0

answer
105

Views

How to get current user's attributes such as phone number or email in Cognito AWS

I am new to Cognito AWS and am using it for a mobile application. I wanted to know how to get the current user's attributes like username, phone number or email id using the userid? Below is the code in which i want to get the user attributes (made using the AWS tutorial). AWSMobileClient.getInstanc...
Hank
1

votes
1

answer
938

Views

How to get Cognito ID Token with in browser ?

I am building web application (using ReactJS) uses Cognito user pool for user management, which is going to be serverless using cloudfront, api & lambda. I looking for help on how to get Cognito IDToken with in browser using Javascript with actually signing in. I just want the token and pass it to a...
serene
1

votes
0

answer
68

Views

Get custom parameters from aws cognito when it redirects to web application (PingOne as SAML identity provider)

I am validating the user using aws cognito (saml identity provider). I want the email id of user from aws cognito when it is redirecting to my web application using callback feature of cognito. Currently, i am using the Idp initiated flow to login to my application. When cognito callbacks to my web...
nitesh jha
1

votes
0

answer
97

Views

User Pool Sign-up through social provider (google, facebook)

Is it possible to do a sign-up to the user pool using a third party social provider like facebook or google? I'm using amazon-cognito-auth-js amazon-cognito-auth-js but I cannot differentiate sign-in from sign-up
niqui
1

votes
2

answer
1.2k

Views

AWS CLI - how to generate security tokens for a cognito user

Ultimately, I need to generate a AccessKeyId, SecirutyKey and SessionToken for a user in a Cognito User Pool so I can test a lambda function as a cognito user using Postman. So far, I've spent 2 days trying to figure this out. It seems that this would work: aws sts assume-role-with-web-identity --ro...
Dar
1

votes
0

answer
325

Views

Public callback URLs using AWS API Gateway Cognito and Zappa

I had a question about Zappa, API Gateway, AWS Cognito and callback urls. I have set-up Zappa, with AWS Cognito and API Gateway so that all my back-end routes are protected (using this and this ). Every xmlhttprequest I make from the client-side to my API back-end has a newly refreshed ID token att...
speechMachine
1

votes
0

answer
195

Views

Trying to use Cognito to download files from S3

I am using AWS S3 as a backend for sound file storage in an iOS app. I can upload sound files to the bucket as I wish, but I am having trouble to make the download work. I was first hoping to make things work using PFFile, but since I did not succeed as expected, I did some research and had the impr...
Michel
1

votes
0

answer
36

Views

AWS Cognito SDK missing user attribute

I'm using AWS cognito and it's built-in UI in my Android App. I selected family name as required in AWS console but the field is not shown within the create new account form. How can I add this field to the form. Thank you.
1

votes
0

answer
72

Views

Cognito User Pools CUSTOM_AUTH flow doesn't provide NewDeviceMetadata

We're using the CUSTOM_AUTH flow in Cognito User Pools to implement our own MFA, which is skipped for remembered devices. We've been able to authenticate existing devices while using this flow but hit a road block. It seems NewDeviceMetadata is null when authenticating with a CUSTOM_AUTH flow, even...
Space Case
1

votes
1

answer
816

Views

AWS Cognito Refresh Tokens: how to use them exactly?

I have an app that obtains 3 tokens from the AWS Cognito User Pool TOKEN endpoint using Authorization Code Flow. It receives an ID_TOKEN an ACCESS_TOKEN and a REFRESH_TOKEN. The app uses the ID_TOKEN to obtain CognitoAWSCredentials on an Identity Pool: var credentials = new CognitoAWSCredentials(Ide...
mipnw
1

votes
0

answer
211

Views

How to get Cogntio User claims and set in UserManager.AddClaimAsync (Asp.Net Identity Provider))

I m not sure my following approach is right or not. But here it is I have an application where Asp.net identity is implemented. Now I m implementing AWS Cognito User Pool for user signup and sign in. On Sign in I m using the following method to get user token from Cognito CognitoUserPool userPool =...
Anil D
1

votes
1

answer
298

Views

AWS AUTHORIZATION endpoint redirecting to LOGIN endpoint

In AWS, I have a User Pool. That user pool has a user. That user pool has an App client, with App Client Id of MY-CLIENT-ID. That App client is enabled as an identity provider for the cognito user pool, has a callback url of https://MY_APP/redirect_uri, has only 'Authorization code grant' checked...
Drew Stevens
1

votes
0

answer
197

Views

AWS SDK get session token for rbac token

I have an API and other services configured and secured via AWS. We have applied a RBAC style permission system to allow/deny access to resources using groups in Cognito and federated-identities. When a user logs into to the system, they get a JWT token listing the cognio:roles they have access to,...
Chris Whisker
1

votes
1

answer
60

Views

Display something else than username in Cognito Built-In Sign-In Page

In AWS Cognito, username is unique and cannot be changed, that's why I'm using it with an internal auto-generated ID. Most of Cognito API requests like adminGetUser only uses username as the user identifier. And this is recommended by AWS: If your application does not require a username, you do not...
Yves M.
1

votes
0

answer
192

Views

TypeError: user.sendMFACode is not a function - Redux Saga and AWS Amplify

Using: aws-amplify 0.3.3, aws-amplify-react-native 0.2.9., redux-saga 0.15.6 While calling the Auth.confirmSignIn using redux-saga: let confirmedUserData = yield call([Auth, Auth.confirmSignIn], userObj, authCode, 'SMS'); Getting the following error: 'TypeError: user.sendMFACode is not a function' T...
George Ortiz
1

votes
0

answer
32

Views

Auth0 rules doesn't add the property in the response

I have some issues adding new properties to Auth0 response. I have defined a new rule to add user.awsRole to user object as follows: function (user, context, callback) { user.awsRole = 'arn:aws:iam::951887872838:role/TestSAML,arn:aws:iam::951887872838:saml-provider/MyAuth0'; user.awsRoleSession = u...
Arman
1

votes
2

answer
279

Views

Use Cognito User Pool Groups to Invoke a Lambda function without Federated Identities

I am a newbie and feel I am missing a connection between the IAM Role on a Cognito User Pool Group and invoking a lambda function. Use case: I’d like to use Cognito to manage my user accounts without Federated Identities/Pools (I have no need for federation). One of the features of Cognito is a...
Addaxian
1

votes
0

answer
178

Views

How to define scopes in Access Token using AWSCognitoIdentityProvider ios SDK for Cognito

I'm developing an ios swift app using AWSCognitoIdentityProvider ios SDK for cognito userpool. The backend implemented custom scopes which required the access token that I get from getSession() method contains all the scopes in order to call the API. Currently, the scope that i get from getSession()...
1

votes
0

answer
39

Views

Specifying username/password for CognitoCachingCredentialsProvider

I am trying to use CognitoCachingCredentialsProvider with a User Pool requiring login through the User Pool with a username and password. I have finally got to the point where I am getting the error Unauthorized access is not supported for this identity pool (and yay! for finally getting that far!),...
Trevortni

View additional questions