aws-cognito

问题 How to get user in Lambda function? User is authenticated in Cognito and invokes lambda with API Gateway. API Gateway method has AWS_IAM authorizer and checked "Use Lambda Proxy integration" checkbox 回答1: If you have checked AWS_IAM API Gateway, identity of the end user available to your function. You can access the Identity ID as follows. exports.handler = function(event, context) { var identity = event.requestContext.identity.cognitoIdentityId; console.log("clientID = " + identity); context

问题 I have some data stored in DynamoDB. In order to retrieve the data, I'm requiring users to be authenticated against Cognito user pool. I have managed to authenticate users successfully using AWS-Amplify library and Cognito returns following JSON data after successful authentication : { "username":"....", "pool":{ "userPoolId":"....", "clientId":"...", "client":{ "endpoint":"....", "userAgent":"aws-amplify/0.1.x js" }, "advancedSecurityDataCollectionFlag":true, "storage":{ "loglevel:webpack

问题 I'm a newbie to AWS, I'm building an application where the users should be logged in via AWS account. So I created a user pool and authenticated via AWS SDK using the federated identities. But the users were created manually in the Cognito UI.But the requirement is to authenticate the user if they already resides in AWS as an IAM user. But AWS cognito does not provide a workflow to import the IAM users to cognito pool. So is there another way to accomplish this via AWS ? Thanks in Advance.

问题 I have created a cognito user group in AWS console. I am able to create a cognito user from my iOS app and I can see the user record from the AWS console. Now I need to add this user to a group. Is it possible to do this from the app without using AWS console. i.e When a new user is created the user should be added to a group. This should be handled in the iOS app. 回答1: You can create and manage groups in a user pool from the AWS Management Console, the APIs, and the CLI. As a developer

问题 Looking at http://docs.aws.amazon.com/cognito/latest/developerguide/facebook.html there is an example of how to code up a login using AWS Cognito + Facebook. However, I’m unable to find examples of a logout flow. Because of the 3 parties interacting, including browser-side caching, and potentially asynchronous operations involved, it would be good to be aware of any gotchas or recommendations. So: what’s a good way of handling logout after logging in with AWS Cognito + Facebook? 来源： https:/

问题 I'm creating Cognito user using Cloud Formation template for Kibana cognito authentication. How to provide temporary password in the template? 回答1: Far as I know, you can't do this via AWS::Cognito::UserPoolUser which I believe you are using. Set up a password policy in the UserPool creation and it should do the job. Type: AWS::Cognito::UserPool DeletionPolicy: Retain Properties: UserPoolName: UserPoolName AdminCreateUserConfig: AllowAdminCreateUserOnly: true Policies: PasswordPolicy:

问题 So I've implemented Amazon Cognito login on an iOS app in Swift and it all works great. However I'm now trying to find out the groups that a logged in user belongs to. I can't seem to find a good way of doing this from within the app. The SDK doesn't seem to provide a way of doing so from what I can see. Any help would be much appreciated! 回答1: Currently the groups are exposed in the ID token issued to the user. It is populated in claim "cognito:groups". More details here: http://docs.aws

问题 Looked at similar SO questions which didn't help me resolve the issue. I am using AWS Cognito User Pools in our iOS App. We are able to successfully create and login the user. However after about an Hr the access token is not available , I understand from AWS Cognito documentation that the iOS SDK automatically refreshes (also mentioned here) and obtains the token when it is not available, however I don't see this behaviour. The below code shows how I am trying to obtain the access token.

问题 I'm running into some problems when I attempt to refresh my session tokens, (Access, Id, Refresh). I have already read this question and the answer has helped me understand what is going on some. But I feel what I am trying to do isn't quite what getSession is for. I am attempting to implement a session expiration message (done) that allows the user to extend their session (refreshes the tokens). From what I gather about getSession() , it returns either the old tokens, if they are still valid

问题 I am not sure how to setup the "EmailConfiguration" part of the serverless cloudformation resource section. Does anyone have an example on how to do this? Any guidance would be much appreciated! Here is my serverless.yml file. service: cognito-email-config provider: name: aws runtime: nodejs6.10 region: us-east-1 plugins: - serverless-stack-output custom: output: handler: serverless/output.handler file: outputs/stack.json functions: preSignUp: handler: serverless/preSignUp.handler