Amazon-cognito-identity-js: Credential Refresh: Token is not from a supported provider of this identity pool

Created on 5 May 2017 · 5 Comments · Source: amazon-archives/amazon-cognito-identity-js

I've been following all the examples here and am facing a weird issue right now.

When authenticating a user successfully I try to refresh the credentials to get Temp Keys for the user, however I keep getting this issue:
POST https://cognito-identity.us-east-1.amazonaws.com/ 400 (Bad Request)
Error: Token is not from a supported provider of this identity pool.

I've read other articles talking about this and it mainly is seen if the clientId isn't the same between requests. I know for certain that the clientId is correct in all requests.

    AWS.config.region = region; // region = us-east-1
    console.log(result.getIdToken().getJwtToken());
    AWS.config.credentials = new AWS.CognitoIdentityCredentials({
        IdentityPoolId: identityPoolId, // your identity pool id here
        Logins: {
            // Change the key below according to the specific region your user pool is in.
            [identityPoolLoginKey]: result.getIdToken().getJwtToken()
        }
    });
    AWS.config.credentials.refresh((err) => {
        if (err) {
            console.error(err);
        } else {
            console.log("Refresh success");
        }
    });

This is exactly as it should be according to the example in the Readme /17

I use this library to create the user, verify the user and log in with it.

Any thoughts on that? Perhaps it is something I'm doing wrong when configuring the user pool, although that seems pretty straightforward.

I should mention I'm using this with create-react-app. Not sure this makes a difference, but better to mention than not.

All 5 comments

This might be hinting at an issue with your identity pool's configuration. A few things to check:

  • Does your logins key match exactly this format?
    cognito-idp.<region>.amazonaws.com/<YOUR_USER_POOL_ID>
  • Is that exactly the pool id you linked to your identity pool?
  • Is the client you're using to sign in exactly what you linked to your identity pool? This is my guess on the cause to this issue. You can link multiple clients as needed. It will fail if it's different in your app than what was set up.
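The three checks in the comment above can be run against the ID token itself. This is an added example, not part of the thread or of amazon-cognito-identity-js. It assumes the ID token's `iss` claim is `https://` plus the logins key and its `aud` claim is the app client id, and that `linkedProviders` is the `CognitoIdentityProviders` array returned by `describeIdentityPool`. The function names and the sample IDs are hypothetical.

```javascript
// Added diagnostic example; the helper names are hypothetical.
// Decodes a JWT payload WITHOUT verifying the signature: config debugging only.
function decodeJwtPayload(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// linkedProviders: [{ ProviderName, ClientId }, ...] as configured on the
// identity pool (shape of describeIdentityPool's CognitoIdentityProviders).
function checkLogins(loginsKey, idToken, linkedProviders) {
  const problems = [];
  const claims = decodeJwtPayload(idToken);
  const format = /^cognito-idp\.[a-z0-9-]+\.amazonaws\.com\/[a-z0-9-]+_[0-9A-Za-z]+$/;
  if (!format.test(loginsKey)) {
    problems.push('logins key is not cognito-idp.<region>.amazonaws.com/<USER_POOL_ID>');
  }
  // The token issuer is the logins key with an https:// prefix.
  if (claims.iss !== 'https://' + loginsKey) {
    problems.push('logins key does not match token issuer ' + claims.iss);
  }
  const samePool = linkedProviders.filter((p) => p.ProviderName === loginsKey);
  if (samePool.length === 0) {
    problems.push('user pool is not linked to the identity pool');
  } else if (!samePool.some((p) => p.ClientId === claims.aud)) {
    problems.push('app client ' + claims.aud + ' is not linked to the identity pool');
  }
  return problems;
}

// Constructed sample data: placeholder IDs and an unsigned token.
function makeToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return enc({ alg: 'RS256' }) + '.' + enc(claims) + '.sig';
}
const sampleKey = 'cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE01';
const sampleToken = makeToken({ iss: 'https://' + sampleKey, aud: 'app-client-A' });
const sampleLinked = [{ ProviderName: sampleKey, ClientId: 'app-client-B' }];
console.log(checkLogins(sampleKey, sampleToken, sampleLinked));
```

An empty array means the logins key, user pool and app client all line up with the identity pool's provider configuration.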

Quick question: when I create a user in my user pool and have my user pool linked to an identity pool, should I see the same user in both?
Right now when looking at the identity pool I see no identities.

Thank you @jbailey2010 you were absolutely correct! My Identity Pool provider was configured with the wrong clientId! Thank you for pointing that out :)

You won't see it automagically show up. Identities are only created in an identity pool when you make a call with the user pools token to Cognito Federated Identities.

To do this, sign in with the user and then get credentials from Cognito Federated Identities and they'll show up in the pool.

Thanks guys for figuring out this issue. I was stuck with this for two days. Now I got the solution from here.
