amazon-cognito

I want to look up a user in my Cognito user pool by their sub, which as far as I can tell, is just their UUID. I would like to do this in Java within a Lambda function but cannot find how to do this in AWS's documenation. Any thoughts? As of today this is not possible with Cognito User Pools. Users can only be looked up using their username or aliases. ListUsers API also allows users to be searched by providing search filters on some standard attributes but sub is not one of them. Now it works. http://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListUsers.html "sub"

I have a JavaScript web application that supports Cognito unauthenticated identities. I'm trying to figure out how to identify the linked authenticated IdentityId for a DISABLED unauthenticated IdentityId. First unauthenticated users are issued an IdentityId via AWS.config.credentials.get . Internally CognitoIdentityCredentials is using getId to generate a new unauthenticated IdentityId. let unathenticatedIdentityId; const AWS = require('aws-sdk'); AWS.config.region = region; AWS.config.credentials = new AWS.CognitoIdentityCredentials({ IdentityPoolId }); AWS.config.credentials.get(err => {

I know services such as Auth0 can act as both SAML IdPs and integrate with third party IdPs. It would seem that Cognito can only integrate with other third party IdPs as a service provider, it can actually perform the role of an IdP. The use case is we have our apps creating users in Cognito. We'd like to use a third party application which can integrate with a SAML IdP to support SSO. Is this possible with Cognito or would we need to use something like Auth0? Currenlty, Cognito is an OIDC IdP and not a SAML IdP. If an application supports OIDC, you can use Cognito to connect to that. We have

I am using the AWS Javascript API and trying to get the assigned cognito id: AWS.config.credentials.get(function(err) { if (!err) { console.log("Cognito Identity Id: " + AWS.config.credentials.identityId); } }); Why does this result in a 400 error with the message below? {"__type":"InvalidIdentityPoolConfigurationException","message":"Invalid identity pool configuration. Check assigned IAM roles for this pool."} I have IAM roles configured for authenticated and non-authenticated users. { "Version": "2012-10-17", "Statement": [{ "Action": [ "mobileanalytics:PutEvents", "cognito-sync:*" ],

I use retrofit2 in my android apps for any http/rest call. Now I need to call an api generated with Amazon AWS API Gateway . The AWS documentation say I should generate the client code throw the API Gateway console and use the class ApiClientFactory to build the request: ApiClientFactory factory = new ApiClientFactory(); // Use CognitoCachingCredentialsProvider to provide AWS credentials // for the ApiClientFactory AWSCredentialsProvider credentialsProvider = new CognitoCachingCredentialsProvider( context, // activity context "identityPoolId", // Cognito identity pool id Regions.US_EAST_1 //

I have created an api key and added it to my functions. I have then deployed the api and tested it but still get: "message": "Forbidden" How do I pass the api key with my JSON request as I have been using "x-api-key": "theKey"? The x-api-key parameter is passed as a HTTP header parameter (i.e. it is not added to the JSON body). How you pass HTTP headers depend on the HTTP client you use. For example, if you use curl and assuming that you POST the JSON payload, a request would look something like (where you replace [api-id] with the actual id and [region] with the AWS region of your API): $

I want to redirect to a specific url after the user confirmation in amazon cognito. When a user sign up he will get confirmation mail with a verification link as follows https://<>.auth.us-west-2.amazoncognito.com/confirmUser?client_id=<<>>&user_name=<<>>&confirmation_code=<<>> If the user clicks the above link it will redirect to confirmation page. Once the user confirmation is completed the page should redirect to my application. Please give me some idea to solve this problem. Currently, this redirection can't be done using verification link in email. I tried adding redirect_uri to the