amazon-cognito

So I am messing around with Cognito and their Beta User Pools feature in Javascript. I am successfully creating users thanks to the documentation found here: http://docs.aws.amazon.com/cognito/latest/developerguide/using-amazon-cognito-user-identity-pools-javascript-examples.html When I try and authenticate the users though I get a strange error message saying: NotAuthorizedException: Incorrect username or password. I don't understand why this is the case as I am literally copying and pasting the values for userName and password that I used to create the user, which is working fine. Below is

I'm using a federation identity pools with aws-amplify ( https://aws.github.io/aws-amplify/media/authentication_guide#enabling-federated-identities ) and I'd like to restrict the scope of domains to just my google domain organization (ex. johndoe@foobar.com). There doesn't seem to be a way to lock it down on either the Google API console or the AWS Cognito Identity Pool settings, just a hint that an hd parameter can be appended to the google request to restrict it by domain (which would still require modifying the aws-amplify core package), and it still wouldn't be secure since anyone could

I am building a serverless react app which uses Cognito for sign-in/sign-out. The app calls API Gateway which is configured to use the Cognito User pool as the custom authorizer. I also build a lambda function to sign out a user ( cognitoIdentityServiceProvider.globalSignOut ). When I sign into the app, and then call the lambda function to perform an admin sign-out, calls to protected API gateway functions from the app are still valid (with Cognito ID token passed in Authorization header); Are admin calls such as cognitoIdentityServiceProvider.globalSignOut and cognitoIdentityServiceProvider

I established a authentication flow with Facebook Login and AWS Cognito on the client site. Works fine. But now I need a reference of the user with its facebook id in a dynambodb table. Of course I could just call a AWS lambda function exposed via AWS API gateway, but how can I verify that the API call actually has a valid facebook id and that this facebook id matches the AWS Cognito Id. Maybe I am missing something here, I hope you guys can point me in the right direction ;) thanks! If you can key your ddb table by cognito id instead of facebook id, you can invoke api gateway with cognito

I get the following error: TypeError: __WEBPACK_IMPORTED_MODULE_0_aws_sdk_global__.util.crypto.lib. randomBytes is not a function when I try to authenticate the user using the following code I wrote: import { CognitoUserPool, CognitoUserAttribute, CognitoUser, AuthenticationDetails } from 'amazon-cognito-identity-js'; let authenticationDetails = new AuthenticationDetails({ Username: username, Password: password }); let userPool = new CognitoUserPool({ UserPoolId: 'us-east-1_1TXXXXXXbXX', ClientId: '4da8hrXXXXXXXXXXXXmj1' }); let cognitoUser = new CognitoUser({ Username: username, Pool:

I'm trying to setup Cognito and I'm having trouble understanding the differences between the following three types of tokens: Token (returned by getOpenIdTokenForDeveloperIdentity ) SessionToken (returned by getCredentialsForIdentity ) SyncSessionToken (returned by listRecords ) In which way are these tokens related/different ? Here is a brief description of the 3 tokens that you talked about. I will try to link you to more detailed documentation where ever possible. Token : This is a OpendId Connect compliant id token issued by Cognito Identity which asserts the users identity in a signed and

I am using AWS Cognito in my application. While doing logout i am calling the Logout Endpoint . But after doing logout, I am still able to generate the id-tokens using the old refresh token. It means my logout endpoint is not working any more. I am saving the tokens in my local storage, And while doing the logout i am clearing the store manually. My Question is: How to properly use the logout mechanism of AWS Cognito? I'm not sure which framework you are using, but I'm using Angular. Unfortunately there are different ways of using AWS Cognito and the documentation is not clear. Here is my