aws-cognito

I want to allow users to sign up using either a user-pool identity (email + password) or a Facebook-federated identity. But I also want them to be able to switch later on: either add Facebook federation if they didn't sign up using Facebook initially, or remove the Facebook link from their account if they initially signed up using Facebook. Is this possible? Thanks in advance! Yes, it is. I'm assuming that Facebook is added directly to the Userpool as an IdP. Splitting your query into 2 parts: 1. User signs up using username & password. Later, he wants to link his Facebook account This is

I have followed the sample here https://github.com/awslabs/aws-sdk-ios-samples/tree/master/CognitoYourUserPools-Sample To integrate interactive cognito login to my iOS app. This is all working well, but when a new user is created in the pool, they initially have a FORCE_CHANGE_PASSWORD status. For android you can follow the procedure below http://docs.aws.amazon.com/cognito/latest/developerguide/using-amazon-cognito-user-identity-pools-android-sdk-authenticate-admin-created-user.html But for iOS I can't find out how to do this. Using the sample, if I attempt to login with a user in FORCE

I am not able to get verification codes(sms) and mobile app. i deleted the role. i tried recreating the role in cognito but it doesn't give any option to do so. Error response while i create new user : "Role does not have trust relationship allowing cognito to assume the role" On saving the verification settings on my cognito (with the previous role arn stuck in there) it say " Your roles are still being created " Error while saving verification changes I too faced the same issue. Let me share the method in which i solved it, Although not the optimal method, i think, but i hope it helps: 1) I

I have a mobile application and wanted to use AWS Cognito pool for user management (sign up & sign in). I wanted to provide below 3 options for users to log in to my app username, password phone number with OTP login - on the sign in screen, the user enters his phone number, and Cognito should send OTP code, and on verification, it should allow to login Google connect login during sign up, the user will set up username, password and adds verified phone number and optionally they can add their google connect to their profile. How to setup Cognito pool for this scenario that user can choose any

I am not sure how to setup the "EmailConfiguration" part of the serverless cloudformation resource section. Does anyone have an example on how to do this? Any guidance would be much appreciated! Here is my serverless.yml file. service: cognito-email-config provider: name: aws runtime: nodejs6.10 region: us-east-1 plugins: - serverless-stack-output custom: output: handler: serverless/output.handler file: outputs/stack.json functions: preSignUp: handler: serverless/preSignUp.handler postConfirmation: handler: serverless/postConfirmation.handler resources: Resources: SESRole: Type: "AWS::IAM:

I am attempting to add MFA for user authentication to an already existing solution (built in Angular) for device management within AWS Cognito. I am having trouble figuring out how to handle this particular response well from a user-experience perspective. It actually feels broken, so would love if anyone else has experience pain points here. See Use Case 23. for example implementation, mine is below: authenticate(username: string, password: string): Observable<any> { // init cognitoUser here return new Observable((observer) => { cognitoUser.authenticateUser(authenticationDetails, { onSuccess:

I am using AWS Cognito in my application. While doing logout i am calling the Logout Endpoint . But after doing logout, I am still able to generate the id-tokens using the old refresh token. It means my logout endpoint is not working any more. I am saving the tokens in my local storage, And while doing the logout i am clearing the store manually. My Question is: How to properly use the logout mechanism of AWS Cognito? I'm not sure which framework you are using, but I'm using Angular. Unfortunately there are different ways of using AWS Cognito and the documentation is not clear. Here is my

I've integrated cognito into my xcode project. The sign up/password update features are working correctly. However I can't seem to get the sign in process to work. I turned on the logs and I get the following error {"__type":"NotAuthorizedException","message":"Access Token has expired"} Domain=com.amazonaws.AWSCognitoIdentityProviderErrorDomain Code=-1000 "Authentication delegate not set" UserInfo={NSLocalizedDescription=Authentication delegate not set}] I have also implemented the AWSCognitoIdentityInteractiveAuthenticationDelegate delegate in the AppDelegate script. Here's the AppDelegate