user5578056

Authenticate user with Cognito user pool credentials

How do I authenticate a user WITHOUT an identity pool/IdentityPoolId, only with user pool credentials? https://github.com/aws/amazon-cognito-identity-js

Example 4 in the link above works only with an identity pool. When I call, for example, the method

cognitoUser.changePassword('oldPassword', 'newPassword', function(err, result) {});

it returns an error from CognitoUser.js, lines 602-604:

if (!(this.signInUserSession != null && this.signInUserSession.isValid())) {
    return callback(new Error('User is not authenticated'), null);
}

But when I call

cognitoUser.getSession(function(err, session) {
    if (err) {
        alert(err);
        return;
    }
    console.log('session validity: ' + session.isValid());
});

it gives me session tokens.

How I'm trying to authenticate the user:

const logins = {};
logins['cognito-idp.' + environment.region + '.amazonaws.com/' + environment.UserPoolId] = session.getIdToken().getJwtToken();
// Add the User's Id Token to the Cognito credentials login map.
AWS.config.credentials = new AWS.CognitoIdentityCredentials({
   Logins: logins
});

That gives me an error:

Argument of type '{ Logins: {}; }' is not assignable to parameter of type 'CognitoIdentityOptions'.

What I'm trying to achieve:

1) How to understand that a Cognito user pool user is authenticated without an identity pool?

2) How to authenticate the user?

3) The CognitoUser object has 2 properties:

What are they for? How to use them properly?

P.S. When I use it this way, everything works fine, but I need to achieve it without an identity pool:

const creds = new AWS.CognitoIdentityCredentials({
    IdentityPoolId: environment.IdentityPoolId, // your identity pool id here
    Logins: {
        // Change the key below according to the specific region your user pool is in.
        [`cognito-idp.${environment.region}.amazonaws.com/${environment.UserPoolId}`]: session.getIdToken().getJwtToken()
    }
}, {
    region: environment.region
});
AWS.config.credentials = creds;

Upvotes: 1

Views: 2876

Answers (3)

Pran R.V

Reputation: 1158

Call the change password function inside the onSuccess of the authenticateUser function. It solved my issue.

Upvotes: 2
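
The ordering this answer describes, as an added example that is not part of the original answer or the library's own code. `StubCognitoUser`, `signInThenChangePassword` and `runDemo` are hypothetical names, and the stub is a constructed stand-in that reproduces the guard quoted in the question so the flow runs offline.

```javascript
// Constructed stand-in for CognitoUser so the flow runs offline. In an app, pass a real
// CognitoUser and AuthenticationDetails from amazon-cognito-identity-js instead.
class StubCognitoUser {
  constructor(password) {
    this.password = password;
    this.signInUserSession = null; // set only by a successful authenticateUser
  }
  authenticateUser(authDetails, callbacks) {
    if (authDetails.getPassword() !== this.password) {
      return callbacks.onFailure(new Error('Incorrect username or password.'));
    }
    // Constructed session; a real one holds the ID, access and refresh tokens.
    this.signInUserSession = { isValid: () => true };
    return callbacks.onSuccess(this.signInUserSession);
  }
  changePassword(oldPassword, newPassword, callback) {
    // Same guard as the CognitoUser.js lines quoted in the question.
    if (!(this.signInUserSession != null && this.signInUserSession.isValid())) {
      return callback(new Error('User is not authenticated'), null);
    }
    this.password = newPassword;
    return callback(null, 'SUCCESS');
  }
}

// Sign in against the user pool only, then change the password inside onSuccess,
// where the user object holds a valid session. No identity pool is involved.
function signInThenChangePassword(cognitoUser, authDetails, oldPassword, newPassword, done) {
  cognitoUser.authenticateUser(authDetails, {
    onSuccess: () => cognitoUser.changePassword(oldPassword, newPassword, done),
    onFailure: (err) => done(err, null),
  });
}

// Runs both orderings on constructed credentials and returns what each callback received.
function runDemo() {
  const out = {};
  const user = new StubCognitoUser('Old-Passw0rd!');
  const details = { getPassword: () => 'Old-Passw0rd!' }; // stand-in for AuthenticationDetails
  user.changePassword('Old-Passw0rd!', 'New-Passw0rd!', (err) => { out.before = err.message; });
  signInThenChangePassword(user, details, 'Old-Passw0rd!', 'New-Passw0rd!',
    (err, result) => { out.after = err ? err.message : result; });
  return out;
}

console.log(runDemo());
```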

Ionut Trestian

Reputation: 5751

I feel that for your Logins map, you have a map that contains an array while the example has just a map such as below.

            Logins : {
                // Change the key below according to the specific region your user pool is in.
                'cognito-idp.<region>.amazonaws.com/<YOUR_USER_POOL_ID>' : result.getIdToken().getJwtToken()
            }

Upvotes: 0

Ionut Trestian

Reputation: 5751

What are you trying to achieve in the first place? Identity Pool, Identity Pool Ids are used in the context of Cognito Federated Identities. Cognito Federated Identities is used to vend AWS Credentials by federating with different identity providers such as Facebook, Google, or Cognito User Pools.

The SDK you pointed to is the SDK for Cognito User Pools. User Pools can be seen as a directory of user data that can be used for authentication and is an identity provider for Cognito Federated Identities.

The method you are calling, changePassword, is an authenticated method in the context of User Pools (the user needs to be authenticated). GetSession just retrieves the current user from local storage. What exactly is your use case, what are you trying to achieve?

Upvotes: 0
