7,325 questions
0
votes
2
answers
40
views
Secure users data from admin access in AWS
I want to build an application to save data input from my user in DynamoDB and/or S3. Usually I use API Gateway and Lambda for this. With users authenticated by Cognito.
So far so easy. Now I want ...
- 277
0
votes
1
answer
415
views
Ugly workaround for session expiration in a Next.js app using Cognito. Is there a better solution?
I am writing a Next.js app for a client. The app is using NextAuth to authenticate users via AWS Cognito (OAuth, OIDC, JWT, etc.). Currently, I am using the Cognito hosted UI for authentication. All ...
0
votes
1
answer
100
views
Access token fetched from AWS Cognito oauth api endpoint is invalid when utilized by boto3
Having been confused by AWS Congito for weeks... Are there any difference between access tokens retrieved by /oauth2/token and boto3? If so, how can my backend use an access token passed from my ...
- 1,378
0
votes
1
answer
246
views
Issue with Google Authentication using AWS Cognito in Next.js App
I'm working on a Next.js application and trying to authenticate users with Google using AWS Cognito. The button is supposed to handle the authentication like this:
'use client'
import React, { ...
- 67
2
votes
1
answer
1k
views
Integrating AWS Cognito and Azure AD: Allowing access for any Microsoft User even if they are not in the Azure AD?
Okay so my goal was to integrate google and microsoft with aws cognito to give allow users to signup/signin using their google and microsoft accounts. The google one works perfectly but since there ...
- 21
2
votes
0
answers
138
views
Amplify Cognito redirectSignOut doesn't work
I'm developing a Vite/React with Amplify Cognito for authentication.
I have a main page that redirects to sub-applications, and I would like every sub-application redirected to the main page for login ...
- 461
1
vote
1
answer
353
views
Setting UserPool Client Attributes to have read/write access with aws cdk - Python
I am trying to give some custom attributes specific read/write access depending on the attribute. I am getting this error.
Resource handler returned message: "Invalid
write attributes specified ...
- 421
-1
votes
1
answer
94
views
How to control vue-router and nginx
I have a fronted vue3 web application.
I am currently experiencing the following problems.
But i don't know why happened and how fix it..
I think the error is due to looking for a static file ...
0
votes
1
answer
1k
views
cognito wont load hosted ui login page, instead i get "An error was encountered with the requested page."
Does anyone know why i am getting this error "An error was encountered with the requested page."
i am developing application and i am using aws cognito as a authoraziation server, i am using ...
- 19
1
vote
1
answer
246
views
AWS cognito refreshToken error "Invalid Refresh Token"
User login using API we get AccessToken, RefreshToken and IdToken.
AccessToken works only for 1 hour set on the App Client period.
Based on RefreshToken we can get a new AccessToken & RefreshToken....
- 11
-1
votes
1
answer
149
views
How can i make a login feature in my Angular 16 app to Login using cognito username and password
I am creating an angular 16 app . i have been given a username and password that belongs to a cognito user pool now i want to create a Login page in my app that should authenticate and log in such ...
1
vote
0
answers
89
views
Using AWS API Gateway with Cognito as a frontend to on-premise private API resources accessible via AWS Site-to-Site VPN?
Locally, I have some api routes on a Kubernetes cluster, eg:
10.100.0.200/status
10.100.0.200/delete
10.100.0.200/create
In my AWS VPC, I have created public and private subnets with a virtual ...
- 139
0
votes
2
answers
175
views
Amplify Cognito : How to hide configuration variables in production environment
I use AWS Cognito to authenticate for a React/NodeJs application, it works well, but now I'm trying to push it into production environment
I usually use backend callbacks to protect my environment ...
- 461
1
vote
0
answers
183
views
AWS SDK - Readable Stream Error while using CognitoIdentityProvider or any aws-sdk
When Trying to Access the Cognito Provider to Login in React Native, error as Reference Error - Readable Stream Not Found
Version Details
"react-native": "0.69.3",
"@aws-sdk/...
- 66
1
vote
0
answers
70
views
How to restrict access to resources accessed via API Gateway using Cognito Custom Attributes
I have an app with a Cognito user base that has a custom attribute called "Tenant". I want to use this attribute to help me control the dynamoDB tables that are relevant to that user's ...
3
votes
1
answer
831
views
Getting invalid_client error using next-auth for cognito
I have a Next JS app, a next-auth library and aws cognito to store user information. I created a public client in my Cognito userpool and using that userpool id & client id, I initially ...
0
votes
1
answer
284
views
IAM Condition via Principal Tag not working
I have an app built in AWS Amplify that uses a cognito user pool for my user base.
In the associated identity pool, I have gone to the Attributes for access control subtab and am using the default ...
3
votes
1
answer
208
views
Configuring `next-auth` CognitoProvider to pass `identity_provider`
Project details
Next JS (version 14)
AWS Cognito (Google & Facebook sign-in integrated)
Regular login is handled inside my application, with the help of aws sdks
For google & facebook sign-...
- 68
0
votes
1
answer
2k
views
AWS Cognito : Unable to get user session following successful sign-in
I'm using AWS Cognito to authenticate my application.
I created a user pool, an app client and added a custom domain.
It works well on local.
Now I need to deploy on a remote server : it works too ...
- 461
0
votes
1
answer
684
views
How to get JWT token in BFF architecture Spring Webflux
I have implemented a Backend for Frontend (BFF) architecture with Spring Webflux using TokenRelay filter. My frontend communicates with the BFF with a cookie as authentication mechanism and the BFF ...
- 1,701
1
vote
0
answers
118
views
Cognito user signup does not throw UsernameExistsException
I have a cognito instance where I need it to throw UsernameExistsException error whenever you try to sign up a new user with an email which is already associated with a user.
Based on documentation, ...
- 1,770
2
votes
1
answer
1k
views
Amplify Gen 2: lambda function `No federated jwt` error
I have an Amplify app using Cognito for userpool authentication. Once a user has signed up and used the code sent via email (all Cognito functionality), they are passed to a custom form where ...
- 468
0
votes
1
answer
162
views
Where to find Auth and Token URLs of an OIDC authorization server?
I have an API which uses a AWS Cognito User Pool connected to Google for authentication and authorization within a Spring Boot application.
I am trying to interact with the Spring Boot application via ...
- 617
2
votes
2
answers
1k
views
Next JS - getting the base localhost url to use in client side
I'm using Cognito in my Next JS (v14.0.3) app. To integrate, I utilized aws-amplify library. Following is my aws configuration file
...
const awsConfig: ResourcesConfig = {
Auth: {
Cognito: {
...
- 216
0
votes
1
answer
207
views
Cognito User Pool SAML Federation throwing Unable to contact the configured provider
I have a user pool with a configured Federated SAML IDP in Cognito's AWS Console (User Pool > Sign-in Experience > Federated identity provider sign-in). Our users were able to login through this ...
- 1,578
2
votes
0
answers
160
views
AWS Cognito API Delay Across Regions?
I am creating a Cognito Pre Sign-up lambda trigger using Python 3.11. I have noticed there's a delay between when the AdminCreateUser response is returned and when the user is actually created. I ...
- 21
1
vote
0
answers
117
views
AWS Cognito User Pool Client: Updating RefreshTokenValidity without losing callback URLs using cloud formation yaml
I have a Cognito user pool client application that is integrated with other application, and I need to increase the RefreshTokenValidity using CloudFormation YAML. However, whenever I update the ...
1
vote
0
answers
93
views
Persist Session and Tokens After OAuth2 Sign-in Using Amplify Flutter
I'm developing a mobile app where users can log in through two methods: direct username/password login via Cognito Sign-In and OAuth2 sign-in with a third-party system.
For OAuth2 login, I redirect ...
- 1,014
0
votes
1
answer
756
views
aws-encryption-sdk-python decrypt error: '65 is not a valid SerializationVersion'
I'm trying to implement Cognito MFA using email. Following the documentation here: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-custom-sms-sender.html
I'm using a Python ...
- 87
3
votes
0
answers
83
views
AWS Cognito prematurely confirms the user
I am trying to create the Redirect to URL after clicking email verification link (explained in this github issue). I am also following these Stackoverflow replies
I have a Cognito user pool with a ...
- 73
0
votes
1
answer
107
views
Get token from the node js lambda function
I developed a nodejs code in my lambda function that retrieve token from AWS.
I succeed to get token, but when I am using this token to request any endpoint I got 401 Unauthorized.
I decoded it with ...
- 44k
1
vote
0
answers
97
views
c# programmatically retrieve AWS cognito authorization code
I've been scratching my head with this authflow. I'm able to use Cognito's built hosted UI to return the authorization code, but I haven't figure out how to do this programmatically as we are hosting ...
- 41
1
vote
0
answers
70
views
AWS CDK Role with preferred_role claim in tokens
While creating an identity pool through the AWS console, at one point you're prompted to select how cognito will identify the user roles. Like so:
How do you accomplish the same in Python CDK?? (I ...
- 94
0
votes
0
answers
93
views
Get AWS temp token from aws cognito federated identity after client login with firebase google
I'm new to AWS, so please don't mind my stupid question
I m working on a project where I have a ionic react frontend where the user can signin with google as provider using firebase, after that I want ...
- 41
0
votes
1
answer
332
views
How to use AWS IAM Role in a local ASP .NET website development environment
I have multiple ASP .NET websites running on an AWS Linux 2024 EC2 instance and I want to use AWS Cognito for authentication. In production I believe I will need to create an IAM Role to allow access ...
- 2,495
0
votes
1
answer
360
views
AWS Lambda Custom JWT Validation
I've built that first validates the JWT Token and then extracts the user unique ID ("sub").
In a non Lambda environment the script works fine, however in the AWS Lambda I'm having an error ...
- 704
0
votes
2
answers
312
views
How to authenticate an ASP .NET website with AWS Cognito
A few years ago I used the following code to authenticate an ASP .NET website using AWS Cognito, but it probably wasn't the best solution putting the keys in the compiled code. I'm curious what is the ...
- 2,495
0
votes
2
answers
501
views
SSO not working in iOS when using AWS Cognito and Azure AD
We are using Azure AD as OIDC Identity Provider in AWS Cognito.
In iOS side, we use ASWebAuthenticationSession to show a web view and let the user login. User can login successfully but the issue is ...
- 31
0
votes
2
answers
318
views
Cognito "Authorizer" element not appearing in RequestContext in a Lambda triggered via API Gateway
Possibly inexperience with the AWS/Amplify side: I have an app built using Amplify, where I have a userbase controlled with Cognito. In my Cognito user pool I have created a custom attribute, that I ...
0
votes
0
answers
105
views
AWS Cognito Exchange between Code and Access Token
After a successful authentication with the AWS Cognito Hosted UI, I am redirected to my callback url, example:
https://app.example.com/?code=16036818-2t63-4a31-98b0-e3c21aa9a24d
Using the Curl, I am ...
- 704
0
votes
1
answer
631
views
Refresh AWS Cognito Refresh Token Before Expiry
I'm currently facing an issue with AWS Cognito refresh tokens and would appreciate some guidance.
Problem:
I have an AWS Cognito setup where the refresh token is configured to expire after 30 days. ...
- 1
-2
votes
1
answer
483
views
Simple way to put AWS Lambda app behind SAML authentication [closed]
I have a simple AWS Lambda app. I need to front it with SSO, our IdP provider is Okta. The app is rarely used by a large amount of employees. What would be the easiest way to do that without ...
- 1,662
0
votes
2
answers
326
views
DEVICE_PASSWORD_VERIFIER challenge response in AWS Cognito using Node.js (Incorrect Username or Password)
I'm using JS aws-sdk to implement remember device option for users who want to skip MFA in my backend Node.js Lambda API. I followed the official AWS blog and code from AWS cognito archives from ...
- 381
5
votes
1
answer
1k
views
AWS Amplify Gen 2 - How to get refresh token?
Is there a way to get user refresh token for Cognito using AWS Amplify Gen 2?
import { Amplify } from "aws-amplify"
import { signIn, signOut, getCurrentUser, fetchAuthSession } from "...
- 1,085
0
votes
1
answer
465
views
How can I fix issue with amazon-cognito cookies size being > 4k
I inherited a large nextjs react app that makes heavy use of amazon-cognito. Users are getting nginx 400 "Request Header or Cookie Too Large" error all the time now. It's not good!
Something ...
- 5,101
1
vote
0
answers
54
views
Aws hosted page
I am using aws cognito and need single sing on login screen (provider), I am told to use "Hosted UI customization" screen build in user pool cognito
Is there away to create own Cognito ...
- 73
1
vote
0
answers
215
views
Per-user and user group data access for AWS Amplify Gen2
I'm trying to give the following access.
Group of cognito users called 'user' to read and create
Public to read
Owner to CRUD
As per the https://docs.amplify.aws/react/build-a-backend/data/customize-...
- 155
2
votes
2
answers
912
views
Amplify Gen 2 Users List
I'm read all the Amplify Gen 2 Documentation but I don't find how to list all registered users in application.
It's because need to create a admin page to list all users with his roles in Angular.
I ...
1
vote
2
answers
52
views
Is it possible to filter metrics of AWS Cognito by user group?
Metrics of AWS Cognito show number of SignIns on whole userpool. Is it possible to get number of SignIns by user group inside the pool?
Or number of SignIns by one specific user.
I tried to find ...
1
vote
0
answers
83
views
Seamless login with AWS Cognito
We have a user dashboard built on AWS/Serverless stack that uses Cognito to manage user logins.
We're integrating with a 3rd party app who want their users to be able to open our dashboard from theirs ...
- 301