Amplify-js: Amplify-react Authenticator federated sign in doesn't create user in pool
* Which Category is your question related to? *
Amplify React
* What AWS Services are you utilizing? *
Cognito
* Provide additional details e.g. code snippets *
When I use my custom sign-in app done with Amplify-react Authenticator HOC and I use a social provider such as Facebook, the user sign-in but no user pool is created.
This seems to work only if I use the Hosted UI, in that case if I sign-in with Facebook I get the user created in pool as EXTERNAL_PROVIDER.
Is this wanted? Why? Is there a workaround such a lambda trigger from social sign-in I can use to create the user in pool?
I also can't find a lambda that's triggered when a user sign-in with social identity such as Facebook or Google. Is there?
michelem09
All 10 comments
@michelem09 thanks for your question. You are correct, if you do social sign using authenticator it wont create the user on your userpool, and as you mention it will be created only if you use hosted UI.
There are security reasons to not create the user on the userpool without hosted UI flow. Do you have any specific reason to not use Hosted UI?
You can use Hosted UI, in a similar way as Authenticator component by using withOAuth HOC. For more information you can take a look here
elorzafe
on 20 Aug 2019
Well, basically I need to modify the form a bit, for example I need to put a checkbox to let user accept the TOS in the signup and with Hosted UI I can't do that.
I will investigate withOauth HOC.
michelem09
on 21 Aug 2019
@michelem09 let me know how it goes.
elorzafe
on 26 Aug 2019
Unfortunately I have other priorities now, but I will come back on this ASAP. Thanks
michelem09
on 27 Aug 2019
I cannot understand how this works, I don't want to redirect my users to the HostedUI website.
michelem09
on 8 Oct 2019
Has there been any update on this?
TOPSinfo
on 9 Nov 2019
@TOPSinfo @michelem09 There are two ways to federate with social providers in Cognito: with Identity Pools or with User Pools (via Hosted UI). If you are federating with Identity Pools (which seems to be the case) a user will not be create automatically in the User Pool... you will simply see an 'Identity' in the Identity Pool.
You note that you do not want to use the Hosted UI. If your objection is based only on the fact that you do not want to use the Hosted UI interface, then you can work around this issue; it is possible to use the Hosted UI functionality without actually directing users to the Hosted UI interface. This can be accomplished by calling Auth.federated signIn with a provider parameter in the options, like so:
<button onClick={() => Auth.federatedSignIn({provider: 'Google'})}>Open Google</button>
This will route users to Hosted UI, which will immediately redirect them to the Google login/account selection/consent screens. The user will then be passed back to your application and Amplify will handle the tokens in the OAuth response. A user should also be created in the User Pool.
I hope this helps.
haverchuck
on 17 Dec 2019
@haverchuck that's great, let me try it. Thanks
michelem09
on 17 Dec 2019
Closing this issue due to inactivity.
haverchuck
on 2 Jan 2020
@haverchuck Hi, according to your reply above:
There are two ways to federate with social providers in Cognito: with Identity Pools or with User Pools (via Hosted UI). If you are federating with Identity Pools (which seems to be the case) a user will not be create automatically in the User Pool... you will simply see an 'Identity' in the Identity Pool.
I am using hosted-ui (by calling Auth.federatedSignIn) thus the user is created in the user pool.. I don't want the user to be created in the user pool, is there a way to use hosted-ui (Auth.federatedSignIn) without it created in user pool?
P.S: I have tried changing and/or removing federatedTarget: "COGNITO_IDENTITY_POOLS" in the aws-exports to no avail...
JiboStore
on 27 May 2020
Related issues
josoroma
路
3Comments
benevolentprof
路
3Comments
ddemoll
路
3Comments
callmekatootie
路
3Comments
guanzo
路
3Comments
Most helpful comment
@TOPSinfo @michelem09 There are two ways to federate with social providers in Cognito: with Identity Pools or with User Pools (via Hosted UI). If you are federating with Identity Pools (which seems to be the case) a user will not be create automatically in the User Pool... you will simply see an 'Identity' in the Identity Pool.
You note that you do not want to use the Hosted UI. If your objection is based only on the fact that you do not want to use the Hosted UI interface, then you can work around this issue; it is possible to use the Hosted UI functionality without actually directing users to the Hosted UI interface. This can be accomplished by calling Auth.federated signIn with a provider parameter in the options, like so:
This will route users to Hosted UI, which will immediately redirect them to the Google login/account selection/consent screens. The user will then be passed back to your application and Amplify will handle the tokens in the OAuth response. A user should also be created in the User Pool.
I hope this helps.