Amazon-cognito-identity-js: Integrating User Pools with Amazon Cognito Identity not working

Created on 6 Jul 2016  路  5Comments  路  Source: amazon-archives/amazon-cognito-identity-js

When a confirmed user logs in and is authenticated with User pools, it is not showing up in my Cognito Identity Pool that we have an authorized user. Instead, the identity is listed as unauthorized. What step am I missing? I followed instructions on this page. http://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-integrating-user-pools-with-identity-pools.html

below is my code for authenticating a user on log in:

export function authenticateUser(username,password){
  AWS.config.region = 'us-east-1';
  let authenticationData = {
    Username : username,
    Password : password
  };
  let authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);
  let userData = {
    Username : username,
    Pool : userPool
  };
  let cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);


  return new Promise(function(resolve,reject){
    cognitoUser.authenticateUser(authenticationDetails, {
      onSuccess:function(result){
        log.debug('access token + ' + result.getAccessToken().getJwtToken());
        log.debug('result:',result)
        resolve(result);
        log.debug('You are now logged in.');

        // Add the User's Id Token to the Cognito credentials login map.
        AWS.config.credentials = new AWS.CognitoIdentityCredentials({
            IdentityPoolId: 'us-east-1:0bf0ab2c-c013-4617-be40-e587d29a1c49',
            Logins: {
                    'cognito-idp.us-east-1.amazonaws.com/4NUJPijFI': result.getIdToken().getJwtToken()
            }
            })
        return result;
      },
      onFailure:function(err){
        reject(err);
        return err;
      }
    });
  });
}

Most helpful comment

@sarah-pixvana, you have to call refresh method in order to authenticate a user and get new temp credentials:

AWS.config.credentials = new AWS.CognitoIdentityCredentials({
  IdentityPoolId: 'us-east-1:0bf0ab2c-c013-4617-be40-e587d29a1c49',
  Logins: {
    'cognito-idp.us-east-1.amazonaws.com/4NUJPijFI': result.getIdToken().getJwtToken()
  }
});

AWS.config.credentials.refresh((error) => {
  if (error) {
    console.error(error);
  } else {
    console.log('Successfully logged!');
 }
});

Also the provider name seems to be wrong:
cognito-idp.us-east-1.amazonaws.com/<region_is_missing>_4NUJPijFI

All 5 comments

@sarah-pixvana, you have to call refresh method in order to authenticate a user and get new temp credentials:

AWS.config.credentials = new AWS.CognitoIdentityCredentials({
  IdentityPoolId: 'us-east-1:0bf0ab2c-c013-4617-be40-e587d29a1c49',
  Logins: {
    'cognito-idp.us-east-1.amazonaws.com/4NUJPijFI': result.getIdToken().getJwtToken()
  }
});

AWS.config.credentials.refresh((error) => {
  if (error) {
    console.error(error);
  } else {
    console.log('Successfully logged!');
 }
});

Also the provider name seems to be wrong:
cognito-idp.us-east-1.amazonaws.com/<region_is_missing>_4NUJPijFI

Thanks!! @mgoria That worked :) It wasn't super clear in the documents that we had to call the refresh method in order to get it to sync with federated identities. It would probably be helpful to update that for future. I also read through this closed issue https://github.com/aws/amazon-cognito-identity-js/issues/7 which had some misleading information about how to declare the provider name.

What is the reason for omitting the refresh call as described above, in Use Case 4 of README?

The documentation can be updated by sending a pull request if the use case is relevant.

The documentation is non-functional... seems like a valid use case for updating...

Was this page helpful?
0 / 5 - 0 ratings

Related issues

tranan89 picture tranan89  路  5Comments

kaihendry picture kaihendry  路  4Comments

m-schrepel picture m-schrepel  路  6Comments

BerndWessels picture BerndWessels  路  5Comments

eczajk1 picture eczajk1  路  3Comments