When a confirmed user logs in and is authenticated with User pools, it is not showing up in my Cognito Identity Pool that we have an authorized user. Instead, the identity is listed as unauthorized. What step am I missing? I followed instructions on this page. http://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-integrating-user-pools-with-identity-pools.html
Below is my code for authenticating a user on log in:
```javascript
export function authenticateUser(username, password) {
    AWS.config.region = 'us-east-1';
    let authenticationData = {
        Username : username,
        Password : password
    };
    let authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
    let userData = {
        Username : username,
        Pool : userPool
    };
    let cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);
    return new Promise(function(resolve, reject) {
        cognitoUser.authenticateUser(authenticationDetails, {
            onSuccess: function(result) {
                log.debug('access token + ' + result.getAccessToken().getJwtToken());
                log.debug('result:', result)
                resolve(result);
                log.debug('You are now logged in.');
                // Add the User's Id Token to the Cognito credentials login map.
                AWS.config.credentials = new AWS.CognitoIdentityCredentials({
                    IdentityPoolId: 'us-east-1:0bf0ab2c-c013-4617-be40-e587d29a1c49',
                    Logins: {
                        'cognito-idp.us-east-1.amazonaws.com/4NUJPijFI': result.getIdToken().getJwtToken()
                    }
                })
                return result;
            },
            onFailure: function(err) {
                reject(err);
                return err;
            }
        });
    });
}
```
@sarah-pixvana, you have to call the `refresh` method in order to authenticate a user and get new temp credentials:

```javascript
AWS.config.credentials = new AWS.CognitoIdentityCredentials({
    IdentityPoolId: 'us-east-1:0bf0ab2c-c013-4617-be40-e587d29a1c49',
    Logins: {
        'cognito-idp.us-east-1.amazonaws.com/4NUJPijFI': result.getIdToken().getJwtToken()
    }
});
AWS.config.credentials.refresh((error) => {
    if (error) {
        console.error(error);
    } else {
        console.log('Successfully logged!');
    }
});
```

Also the provider name seems to be wrong:

```
cognito-idp.us-east-1.amazonaws.com/<region_is_missing>_4NUJPijFI
```
Thanks!! @mgoria That worked :) It wasn't super clear in the documents that we had to call the refresh method in order to get it to sync with federated identities. It would probably be helpful to update that for future. I also read through this closed issue https://github.com/aws/amazon-cognito-identity-js/issues/7 which had some misleading information about how to declare the provider name.
What is the reason for omitting the refresh call as described above, in Use Case 4 of README?
The documentation can be updated by sending a pull request if the use case is relevant.
The documentation is non-functional... seems like a valid use case for updating...
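Added example, not part of the thread or of the SDK: one way to avoid a hand-typed provider name is to derive the `Logins` key from the ID token's `iss` claim and reject anything that does not have the `<region>_<suffix>` pool ID form. The function names, the pool ID `us-east-1_EXAMPLE123` and the sample token are constructed for illustration; the code assumes Node.js and reads the payload without verifying the signature, which is enough for building the key but not for trusting the token.

```javascript
// Added example: build the CognitoIdentityCredentials Logins key from the ID token.

// Decode the JWT payload only to read claims; the signature is NOT verified here.
function decodeJwtPayload(jwt) {
  const parts = String(jwt).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  // Node's base64 decoder also accepts the URL-safe alphabet used by JWTs.
  return JSON.parse(Buffer.from(parts[1], 'base64').toString('utf8'));
}

// User pool issuer: https://cognito-idp.<region>.amazonaws.com/<region>_<suffix>
const ISS_RE = /^https:\/\/cognito-idp\.([a-z0-9-]+)\.amazonaws\.com\/([a-z0-9-]+)_([A-Za-z0-9]+)$/;

function loginsKeyFromIdToken(jwt, expectedPoolId) {
  const claims = decodeJwtPayload(jwt);
  // Identity pools are given the ID token, not the access token.
  if (claims.token_use !== 'id') {
    throw new Error('expected an ID token, got token_use=' + claims.token_use);
  }
  const m = ISS_RE.exec(claims.iss || '');
  if (!m) throw new Error('issuer is not a user pool: ' + claims.iss);
  const [, hostRegion, poolRegion, suffix] = m;
  if (hostRegion !== poolRegion) throw new Error('region mismatch in issuer');
  const poolId = poolRegion + '_' + suffix;
  if (expectedPoolId && poolId !== expectedPoolId) {
    throw new Error('token was issued by another pool: ' + poolId);
  }
  return 'cognito-idp.' + hostRegion + '.amazonaws.com/' + poolId;
}

// Check a hand-written key such as the one in the question above.
function isValidLoginsKey(key) {
  return ISS_RE.test('https://' + key);
}

// Constructed, unsigned sample token for offline use.
function makeSampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return enc({ alg: 'none' }) + '.' + enc(claims) + '.sig';
}
```

The returned string is the key to use in `Logins`, with `result.getIdToken().getJwtToken()` as its value; the `refresh` call from the answer above is still required afterwards.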