How to get Cognito Identity ID given the Cognito User Pool ID?

Question

In AWS Amplify's Storage Documentation, there's a section on how to get other users' objects...

Storage.get('test.txt', { 
    level: 'protected', 
    identityId: 'xxxxxxx' // the identityId of that user
})

Where can I get the identityId of another user?

I can only query for the Cognito User Pool Id of users. Is there a way to map the User Pool Id to the Identity Id?

Answer 1

For Amplify Gen 2:

import { fetchAuthSession } from 'aws-amplify/auth';

const session = await fetchAuthSession();
console.log("id token", session);

There will be an identityId property from the session object returned.

https://docs.amplify.aws/react/build-a-backend/auth/connect-your-frontend/manage-user-sessions/

Answer 2

There is a work-around in this GitHub comment where you can use Cognito User Pool ID instead of Identity ID for the S3 folder names. This way you won't really need to deal with Identity ID.

After doing some more research we found that you can use user attributes for access control so instead of using the federated id as the users folder name, you can specify a custom attribute mapping (we mapped cognitoId to sub) using principal tags, and in your policy you can dynamically reference resources using these tags:

Answer 3

You can get identity id using Auth.currentUserCredential Method

import { Auth } from 'aws-amplify';

await Auth.signIn(username, password);
const credentials = await Auth.currentUserCredentials();
console.log("identityId", credentials.identityId);

Answer 4

After much research and looking into some similar/related questions/answers, it seems that this is still missing from AWS.

The closest topic I found is from AWS Forums: https://forums.aws.amazon.com/thread.jspa?messageID=924345 which is still unanswered :-)