amazon-cognito

I'm developing application based on API Gateway and Lambda. I configured POST /subscribe as "AWS_IAM". So now it cannot accessible directly, but I can access to API with Cognito authentication. Now problem is my Lambda doesn't know who is the API caller. How to know that? I have 2 users: "Bob" and "John". My Lambda need to know that caller is Bob or John. Thanks, Scott Willeke You can get the Cognito Identity ID from the identity property of the context parameter ( context.identity ) as explained in the context Object Properties section of the Lambda Programming Model help topic . Once you

I'm using the client-side Cognito Javascript SDK. Part of the setup requires configuring region, UserPoolId, ClientId, and identityPoolId . During testing, I'm including the data via a separate file that users could look through and use to discover these Cognito ids. Is it safe to expose these ids to the end user? Otherwise, how do I do this safely? There's a post by AWS on their forums that addresses this. Please note that with userPoolId and clientId, only unauthenticated APIs can be called, for eg: SignUp, authenticate, forgotPassword etc. So userPoolId and clientId alone are not enough to

I have a Lambda function handling POST requests triggered by the API Gateway. The latter is set up to authorize via a Cognito user pool authorizer. Authorization works - if I pass a user's ID token, the request is processed, if I don't I get a 401. However, I can't get the authorized user's identity in the Lambda function. All documentation makes me believe that it should be in the context, but it isn't. I can't map it in there, either. What's more, there doesn't seem to be a way to query the user pool for a user given their ID token, either. Do I need an identity pool to accomplish this? If

I use AWS Identity Pool with Facebook provider to authenticate client. I need to invoke AWS Lambda using Api Gateway. From Cognito, using Facebook token, i received credentials: AccessKeyId, SecretKey and SessionToken. Using this credentials, how should I setup header request to invoke my Lambda? Api Gateway setup (test calls my lambda) I try to call my api, it returns "The security token included in the request is invalid." Thank you! You have to manually set ' x-amz-security-token ' in Postman and pass the token in that header. Please try this for postman: http://docs.aws.amazon.com

I currently have a mobile application using Firebase for user authentication and storing data. I would like to migrate from Firebase to AWS. Exporting the DB from Firebase is simple enough. Download the JSON export and populate AWS. How do I migrate user authentication to Cognito? Ashan There are multiple ways to migrate users to AWS Cognito. A couple approaches are: Import users as batches. This will require you to take users in to the forget password flow. Onboard users to Cognito UserPools one at a time. This approach requires you to write some code to check against Cognito if the user

I'm trying to insert a record into DynamoDB invoking "Pre sign-up" trigger of Cognito User Pool. Lambda function is pretty simple for testing purposes but there is always an error in client application on AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool.signUp call Use case 1 Lambda body: console.log('Received event:', JSON.stringify(event, null, 2)); Result: InvalidLambdaResponseException: Invalid lambda function output : Invalid JSON Use case 2 Lambda body: callback("null", "success"); Result: InvalidLambdaResponseException: Invalid lambda function output : Invalid JSON Use case 3

Amazon provides iOS, Android, and Javascript Cognito SDKs that offer a high-level authenticate-user operation. For example, see Use Case 4 here: https://github.com/aws/amazon-cognito-identity-js However, if you are using python/boto3, all you get are a pair of primitives: cognito.initiate_auth and cognito.respond_to_auth_challenge . I am trying to use these primitives along with the pysrp lib authenticate with the USER_SRP_AUTH flow, but what I have is not working. It always fails with "An error occurred (NotAuthorizedException) when calling the RespondToAuthChallenge operation: Incorrect