Reputation: 10937
I am new to Cognito. I am trying to implement AWS Cognito using Lambda. This is the tutorial I am following.
    AmazonCognitoIdentityClient client = new AmazonCognitoIdentityClient();
    GetOpenIdTokenForDeveloperIdentityRequest tokenRequest = new GetOpenIdTokenForDeveloperIdentityRequest();
    tokenRequest.setIdentityPoolId("us-east-1_XXXXXXX");
This is the pool Id that I am using in the setIdentityPoolId
This is the JUnit test
    import java.util.LinkedHashMap;

    import com.amazonaws.regions.Region;
    import com.amazonaws.regions.Regions;
    import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient;
    import com.amazonaws.services.dynamodbv2.datamodeling.DynamoDBMapper;
    import com.amazonaws.services.lambda.runtime.Context;
    import com.amazonaws.services.lambda.runtime.RequestHandler;

    public class AuthenticateUser implements RequestHandler<Object, Object> {

        @Override
        public Object handleRequest(Object input, Context context) {
            AuthenticateUserResponse authenticateUserResponse = new AuthenticateUserResponse();
            @SuppressWarnings("unchecked")
            LinkedHashMap inputHashMap = (LinkedHashMap) input;
            User user = authenticateUser(inputHashMap);
            return null;
        }

        public User authenticateUser(LinkedHashMap input) {
            User user = null;
            String userName = (String) input.get("userName");
            String passwordHash = (String) input.get("passwordHash");
            try {
                AmazonDynamoDBClient client = new AmazonDynamoDBClient();
                client.setRegion(Region.getRegion(Regions.US_EAST_1));
                DynamoDBMapper mapper = new DynamoDBMapper(client);
                // Look the user up by name in DynamoDB
                user = mapper.load(User.class, userName);
                if (user != null) {
                    System.out.println("user found");
                    if (user.getPasswordHash().equals(passwordHash)) {
                        System.out.println("user password matched");
                        // Calls Cognito with the pool id set above; this is where the error is raised
                        String openIdToken = getOpenIdToken(user.getUserId());
                        user.setOpenIdToken(openIdToken);
                        return user;
                    } else {
                        System.out.println("password unmatched");
                    }
                } else {
                    System.out.println("user not found");
                }
            } catch (Exception e) {
                System.out.println("Error: " + e.toString());
            }
            return user;
        }

        // getOpenIdToken(...) is not shown in the post
    }
This is the output
    user found
    user password matched
But I am getting the following error and hence, the return user statement is failing
    1 validation error detected: Value 'us-east-1_XXXXXX' at 'identityPoolId'
    failed to satisfy constraint: Member must satisfy regular expression pattern: [\w-]+:[0-9a-f-]+
    (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: ValidationException;
Upvotes: 59
Views: 47511
Reputation: 5681
You are using a Cognito user pool id as the identity pool id. They are two different things. Identity pool ids are of the format us-east-1:XXXX-XXXXXX-XXXX-XXXX.
To get an identity pool id you should use the "Manage Federated Identities" part of the Cognito console, not the "Manage User Pools" section.
Upvotes: 162
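A start-up check for the mix-up described in this answer, as an added example that is not part of the original answer or of the AWS SDK. The identity pool pattern is the one quoted in the ValidationException in the question; the user pool pattern, the class and method names, the region cross-check and the sample ids are assumptions made for illustration.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class CognitoIdCheck {
    enum Kind { IDENTITY_POOL, USER_POOL, UNKNOWN }
    // Pattern quoted in the ValidationException, with the region prefix captured.
    private static final Pattern IDENTITY_POOL = Pattern.compile("([\\w-]+):[0-9a-f-]+");
    // Assumed shape of a user pool id: region, underscore, alphanumeric suffix.
    private static final Pattern USER_POOL = Pattern.compile("([\\w-]+)_[0-9a-zA-Z]+");

    static Kind classify(String id) {
        if (id == null) return Kind.UNKNOWN;
        if (IDENTITY_POOL.matcher(id).matches()) return Kind.IDENTITY_POOL;
        if (USER_POOL.matcher(id).matches()) return Kind.USER_POOL;
        return Kind.UNKNOWN;
    }

    // Rejects a bad id when configuration is loaded, before any user is authenticated.
    static String requireIdentityPoolId(String id, String region) {
        if (classify(id) == Kind.USER_POOL) {
            throw new IllegalArgumentException("'" + id + "' is a user pool id; "
                + "GetOpenIdTokenForDeveloperIdentity needs an identity pool id (region:uuid)");
        }
        Matcher m = IDENTITY_POOL.matcher(id == null ? "" : id);
        if (!m.matches()) {
            throw new IllegalArgumentException("not an identity pool id: " + id);
        }
        if (!m.group(1).equals(region)) {
            throw new IllegalArgumentException("identity pool is in " + m.group(1)
                + " but the client is configured for " + region);
        }
        return id;
    }

    public static void main(String[] args) {
        // Constructed sample values, not real pool ids.
        String[] samples = {
            "us-east-1:1a2b3c4d-5e6f-7a8b-9c0d-1e2f3a4b5c6d",
            "us-east-1_AbCdEf123",
            "eu-west-1:1a2b3c4d-5e6f-7a8b-9c0d-1e2f3a4b5c6d",
        };
        for (String s : samples) {
            try {
                System.out.println("OK   " + requireIdentityPoolId(s, "us-east-1"));
            } catch (IllegalArgumentException e) {
                System.out.println("FAIL " + e.getMessage());
            }
        }
    }
}
```

Calling such a check when the Lambda loads its configuration surfaces the wrong id immediately, rather than only after a password has already been matched as in the question's output.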
Reputation: 1516
"User Pools" and "Federated Identities" are different things. Make sure that you are not providing "aws_cognito_identity_pool_id" in config.
My config looks like:
    ...
    "Auth": {
        "region": "us-east-1",
        "userPoolId": "<...>",
        "userPoolWebClientId": "<...>",
        "mandatorySignIn": false,
        "oauth": {
            "domain": "<...>.auth.us-east-1.amazoncognito.com",
            "scope": [
                "phone",
                "email",
                "openid",
                "profile",
                "aws.cognito.signin.user.admin"
            ],
            "redirectSignIn": "<...>",
            "redirectSignOut": "<...>",
            "responseType": "code"
        }
    }
    ...
In User Pool - Allowed OAuth Flows
Upvotes: 1
Reputation: 3875
You can find it in User Pools > Federated Identities > App clients > App client id
Upvotes: 0