7,325 questions
0
votes
0
answers
39
views
Google Signin with AWS Cognito
Our games built using Unity, use Google Play Games Services v1 to support Google Signin. Once the player is signed in, token is obtained using:
token = PlayGamesPlatform.Instance.GetIdToken();
and ...
Advice
0
votes
2
replies
32
views
How do I easily sync AWS Cognito members with Azure AD?
I have this Cognito group tied to its corresponding AD group, with lots of old members who don't even have access anymore because they were removed from AD. I'd really like to clean that up.
I think I ...
- 2,386
0
votes
1
answer
41
views
Amplify Flutter + Cognito Identity Pool works via AWS CLI but fails in app (“No identity pool registered for this account”)
I’m integrating AWS IoT Core with a Flutter app that already uses Amplify Auth (Cognito User Pool).
To allow IoT connections, I added a Cognito Identity Pool section to my amplifyconfiguration.dart (...
- 623
0
votes
1
answer
76
views
AWS Cognito Google Sign-in with Next.js works, but Sign-out does not fully log the user out
I’m using AWS Cognito with Google as an Identity Provider in a Next.js app. I am using AWS managed login as well. Sign-in works correctly, tokens are received, and the user session persists. However, ...
- 900
1
vote
0
answers
58
views
How to identify which IdP a user used to sign in during AWS Cognito PreAuthentication trigger?
How can I determine which Identity Provider (IdP) a user used to sign in during the AWS Cognito PreAuthentication trigger, when multiple federated IdPs (SAML/OIDC) are linked to the same user?
In the ...
- 11
1
vote
0
answers
57
views
Unable to complete Amplify v6 Cognito OAuth flow in my Next.js App
I am using Amplify and Cognito's hosted UI Login page to handle my user authentication. I am able to redirect to the cognito hosted page, enter my user credentials, and redirect page to my sign in ...
- 11
0
votes
0
answers
67
views
Linker error when importing AWS libraries in Unreal Engine
I am trying to get users to be able to log in via a Cognito account and use those credentials to make calls on a backend API. To that end I have been trying to import the Cognito libraries in an ...
1
vote
0
answers
46
views
Process is not defined / process.binding is not supported error after deployment, but works locally
I have a Next.js 15 project that uses AWS Amplify (Cognito) for authentication.
Here’s a simplified version of my config file:
"use client"
import { Amplify, type ResourcesConfig } from &...
1
vote
0
answers
127
views
Expo SDK 54 + AWS Amplify Auth (Cognito v5) → TypeError: Cannot read property 'computeModPow' of null on login
After upgrading my React Native project to Expo SDK 54 (React Native 0.81.4), the login flow using AWS Amplify Auth (Cognito v5) stopped working.
When calling Auth.signIn(username, password) I get ...
- 11
1
vote
1
answer
113
views
Google external provider redirect is coming from a different origin error
I have an Amplify Gen 2 app with Google SSO.
When developing locally and when using AWS generated domains like https://dev.app_id.amplifyapp.com Google SSO works great.
On Google Cloud credentials ...
- 927
-1
votes
1
answer
101
views
BFF to microservice: client credentials or token-forwarding [closed]
I currently have an admin console that is served a BFF layer and 2 REST microservices - product microservice and user microservice. The user microservice stores information on login users as well as ...
- 3
0
votes
0
answers
57
views
Social Login from AWS Cognito is not returning the refresh token
I created an user pool, I can login with Gmail through HostedUI successfully, but when checking the session, returned by Cognito, no refresh token is given back, only Access Token and Id Token. I ...
- 757
0
votes
0
answers
32
views
AWS Cognito Identity Pool: InvalidIdentityPoolConfigurationException when using Google ID token from React Native iOS app
I’m trying to authenticate users via Google in my React Native iOS app, then verify the ID token in AWS Cognito to assume a role and access AWS resources.
Here’s my setup:
Google OAuth 2.0 Clients:
...
- 33
0
votes
0
answers
44
views
Handling Invalid Login Errors in AWS Cognito with Auth.js (Formerly NextAuth) using SRP Authentication Flow
I'm working on creating a custom login and sign-up page using AWS Cognito with the SRP (Secure Remote Password) authentication flow. For handling the session, I’m using Auth.js (previously NextAuth), ...
2
votes
0
answers
46
views
CognitoIdentityProviderClient fails to construct URL from provided region
I'm trying to authenticate to AWS cognito using the @aws-sdk/client-cognito-identity-provider library
// Truncated code
import {
AuthFlowType,
CognitoIdentityProviderClient,
InitiateAuthCommand,...
- 21
0
votes
0
answers
34
views
How to generate an access token for Cognito user without having the user's credentials
I want to write a report against a list of AWS Cognito users. Generating the report requires calling non-AWS APIs that require a Cognito access token for the particular user. How can I generate such ...
- 156
0
votes
0
answers
53
views
AWS Cognito - Logout
I am trying to use a code like the following to logout using AWS Cognito:
private navigateToLogout(): void {
try {
const clientId = '1234213421423';
const currentUrl = window....
- 3,315
0
votes
0
answers
64
views
issue with aws cognito and google cloud console redirect url error for social signup
I am making a react native app i am using using aws social providers to login it works fine but when i click on login with google it opens a chrome tab in my app and it shows my aws user pool url link
...
0
votes
0
answers
30
views
Amazon Coginito iOS Social Provider Linking without Coginito Hosted UI
There are possible duplicates for this issue but none of that given me any solution yet.
My app is signed in with phone number in Cognito and inside the app there are options to connect with Google, ...
- 411
0
votes
1
answer
53
views
Amazon cognito form Login using Jmeter
I am trying to create a script for my application which has amazon cognito login form, I tried using the below script to generate state and nonce value. there are two different nonce values passed in ...
1
vote
1
answer
80
views
Amazon Bedrock throws 403 for Identity Pool Guests
I've been trying to use Amazon Bedrock as a Identity Pool Guest. After attaching correct policies (even Bedrock Full Access) to the Guest Role, I am still getting
"Message": "User: arn:...
0
votes
1
answer
266
views
AWS Amplify v6 OAuth Configuration: "OAuthNotConfigureException: oauth param not configured" despite correct config
I'm getting an OAuthNotConfigureException: oauth param not configured error when trying to use Google OAuth with AWS Amplify v6, even though my configuration appears correct.
Environment:
AWS Amplify ...
- 310
0
votes
0
answers
52
views
Unable to access Cognito Identity Pool with Google client
I'm getting
NotAuthorizedException(message=Token is not from a supported provider of this identity pool.)
despite google being added as a identity provider in my Cognito Identity Pool with the Web ...
- 42
0
votes
1
answer
41
views
AWS Cognito - Custom Attributes
I am experimenting AWS cognito, I am using spring boot as backend, I am able to login&logout but the only problem i have added a custom attribute ( sector ) and it is not being returned when I do ...
- 23
0
votes
1
answer
187
views
Is using HttpOnly cookies to manage AWS Cognito access and refresh tokens a secure and recommended approach?
We're implementing authentication for multiple SPAs across subdomains of the same parent domain (e.g. app1.mycompany.com, app2.mycompany.com) using AWS Cognito, a custom login UI, and a centralized ...
- 37
0
votes
0
answers
55
views
CognitoAWSCredentials GetId/GetCredentials takes ~75-100 s over IPv6 on first use, blocking S3 GetObjectAsync (Unity / .NET SDK v4)
I’m working on a Unity project using:
Unity version: 2022.3.36f1
API Compatibility Level: .NET Standard 2.1
Platforms: Happens on Unity Editor, Android device, and iOS device
AWS SDK version: 4.0.29....
- 1,963
0
votes
1
answer
270
views
AWS Cognito - HTTP Only Cookie setup without Managed Login/Hosted UI
I'm struggling to get my head around the HTTP only cookie setup with Cognito when not using the Managed Login.
I had successfully used the AWS SDK on the client-side to InitiateAuth and retrieve ...
- 51
0
votes
1
answer
208
views
Why is `login_required` not returned in redirect URL when using AWS Cognito with Authorization Code Grant and `prompt=none`?
I'm using AWS Cognito with Authorization Code Grant flow for authentication in my Angular application. I’ve configured the following:
Authorization flow: Authorization Code Grant
Domain and redirect ...
- 37
0
votes
0
answers
32
views
Ionic Angular App Issue in google sso while login using previous email
I am working on ionic app where have implemented google sso and apple sso. Previously we had issue, after even logout it was not clearing the cookies from the browser and if login again with sso it ...
0
votes
1
answer
59
views
Using PreSignUp Lambda with Cognito suddenly fails to verify email
Repro steps:
Verification emails work as handled by Cognito thanks to the IaC setting for UserPool
(this one:
AutoVerifiedAttributes:
- email
)
2. add a Lambda function trigger to the userpool
(e.g ...
- 117
0
votes
1
answer
145
views
Why doesn't OIDC SSO work between apps on different domains with custom UI?
I'm building SSO using OpenID Connect between two apps:
App1 (frontend and backend done in PHP), hosted at app1.stk.in
App2 (frontend in Angular and backed in Python), hosted at app2.cloud.net
Both ...
- 37
0
votes
0
answers
133
views
Issue with Custom Login Screen Instead of AWS Cognito Hosted UI with prompt=none in Multiple Applications
We are using the prompt=none method for silent login in our system. We have multiple applications that share the same user pool, but each application is hosted on a different domain. Our requirement ...
- 37
0
votes
0
answers
38
views
In /oauth2/authorize sign in, is it necessary to trigger the /logout endpoint
With /oauth2/authorize it leaves cookies in the browser.
For the /logout, it only clears cookies but doesn't revoke any access so essentially it does nothing except cleaning up the browser. While /...
- 478
0
votes
1
answer
46
views
Pre-Signup Set Immutable UUID
I am trying to create a UUID for a Cognito user upon signup but also want to make it immutable. Currently I am using the AWS Pre-signup trigger but because UUID is immutable and called after the ...
0
votes
0
answers
36
views
'Provide a valid public provider' when authenticating with custom provider with AWS Cognito
I am creating a VR game that requires AWS since I am using a lot of database storage, which I am setting up a Cognito Identity Pool for. I am using a Lambda function to automate all the authentication ...
0
votes
1
answer
46
views
Unable to signIn a user without email confirmation AWS Amplify
I recently set up authentication on Cognito via Amplify and am trying to set up mail verification. This verification can be done as long as the user has just created an account.
However, I can't send ...
- 1,213
0
votes
1
answer
266
views
AWS Cognito - Okta OIDC - Error: PKCE code challenge is required by the application
I have set up an OIDC Single Page App (SPA) in Okta applications with Grant type is Authorization Code.
Then, I added a Federated identity provider sign-in in AWS Cognito with Client ID from the Okta ...
- 17
0
votes
0
answers
46
views
Microsoft Entra Id SAML Response Username encrypted
I setup federated login to Cognito with Entra Id as the IdP. When I require encryption, the user name created is encrypted. When I don't require encryption, the username is not encrypted. Shouldn't ...
- 51
0
votes
0
answers
47
views
AWS Coginto Login screen for SignedIn user and for guest user hide loginscreen
I'm using AWS cognito for login. For silent login i'm calling prompt=none url. Its working fine. Actually why we use this is we have other sites also there also we can sign In to cognito when we ...
- 37
1
vote
0
answers
381
views
"Sign in with Apple" intermittently returns HTTP 503 on Web (Brazil region)
I'm implementing "Sign in with Apple" on a web application using the standard OAuth 2.0 flow. Occasionally, requests to the https://appleid.apple.com/auth/authorize endpoint fail with an ...
0
votes
0
answers
37
views
Cognito - How do we reset MFA for a user using the API's provided
Resetting MFA in Cognito seems to be an actual pain.
Our Cognito pool is set to Required currently as we need to make sure MFA is on for all users due to compliance.
Resetting the SMS factor seems to ...
- 457
0
votes
1
answer
147
views
Environment variables not working in React + Vite App (AWS Cognito auth issue)
I'm building a React application with Vite that uses AWS Cognito for authentication. I'm having issues with environment variables not being properly loaded or accessible in my application. ...
0
votes
0
answers
74
views
Enable CORS for simple GET on AWS API Gateway resource with Cognito authorizer
I have an AWS API Gateway resource /foo with a GET method. It has a Lambda integration, which for the purposes of this question simply returns bar. However I want the API to be protected, so I have ...
- 22.2k
0
votes
0
answers
53
views
Confused about AWS Cognito architecture: How is native social login on mobile is supposed to word?
I'm trying to clarify the right architecture for using AWS Cognito with Google Sign-In on mobile (Flutter/Android/iOS). I’ve already implemented a working version using Cognito User Pools with Google ...
- 11k
0
votes
1
answer
102
views
Remirror + YjsExtension throws “state undefined” error
I’m trying to build a collaborative editor using Remirror and Yjs, but I’m encountering an error when adding the YjsExtension. As soon as I include it, the following error appears in the browser ...
-1
votes
1
answer
141
views
Use AWS Amplify UI in View without backend and without bloating app
I have an AWS CloudFormation stack that sets up a Cognito user pool and user pool app. I created a simple Vue front end and I'm experimenting how to authenticate it using Cognito. I understand I can ...
- 22.2k
1
vote
1
answer
230
views
Is Cognito explicit auth flow `ALLOW_USER_SRP_AUTH` included in `ALLOW_USER_AUTH`?
In the Cognito CloudFormation resourceAWS::Cognito::UserPoolClient documentation for ExplicitAuthFlows it says:
ALLOW_USER_AUTH: Enable selection-based sign-in with USER_AUTH. This setting covers ...
- 22.2k
0
votes
0
answers
56
views
CDK cognito.UsesrPool sending codes instead of links when updating email, and CFN won't let me use links in the verificationMessageTemplate
I have a cdk L2 cognito.UserPool (see below). I only want email and password authentication. I want users to be able to change their email. I want their email to be verified either at sign up or upon ...
- 13
0
votes
1
answer
138
views
Trying to link an existing Cognito user with a newly created Federated user with different emails
I have a particular auth flow that requires us to verify a user's email domain before allowing them to login, but we also want them to be able to log in with any method they want
The login flow looks ...
- 531
0
votes
0
answers
54
views
Error “Requiring unknown module ‘undefined’” with AWS SDK v3 in Expo SDK 52 (Hermes) when using @aws-sdk/client-cognito-identity-provider
I’m migrating my app to Expo SDK 52 (Hermes) and using AWS SDK v3 to call Cognito from React Native:
import { CognitoIdentityProviderClient } from '@aws-sdk/client-cognito-identity-provider';
import { ...
