Amplify-js: Custom auth lambda trigger is not configured for the user pool.
Describe the bug
Using the Vue.js <amplify-sign-in> component, when attempting to log in with a blank password, I get the error "Custom auth lambda trigger is not configured for the user pool."
To Reproduce
Steps to reproduce the behavior:
Configure a Cognito user pool with just the email attribute required, and the OAuth 2.0 Authorization code grant flow. Scopes set to 'email', 'profile', 'openid'.
Expected behavior
An error message like "password is required". Ideally, the form wouldn't even submit.
Code Snippet
Please provide a code snippet or a link to sample code of the issue you are experiencing to help us reproduce the issue. (Be sure to remove any sensitive data)
Screenshots
If applicable, add screenshots to help explain your problem.
What is Configured?
Manual configuration:
const config = {
Auth: {
region: 'us-east-1',
userPoolId: 'us-east-1_xxxxx',
userPoolWebClientId: 'xxxxxxxxxxxx',
oauth: {
scope: ['email', 'profile', 'openid'],
redirectSignIn: 'http://localhost:8080',
redirectSignOut: 'http://localhost:8080',
responseType: 'code',
},
},
Storage: {
AWSS3: {
bucket: 'xxxxxxxx',
region: 'us-east-1',
},
},
};
export default config;
aws cognito-idp describe-user-pool --user-pool-id us-east-1_Nqtk7VOG7
{
"UserPool": {
"Id": "us-east-1_xxxxxxxxxxx",
"Name": "xxxxxxxxx-UserPool",
"Policies": {
"PasswordPolicy": {
"MinimumLength": 8,
"RequireUppercase": false,
"RequireLowercase": false,
"RequireNumbers": false,
"RequireSymbols": false,
"TemporaryPasswordValidityDays": 7
}
},
"LambdaConfig": {},
"LastModifiedDate": 1586972919.04,
"CreationDate": 1586950658.697,
"SchemaAttributes": [
{
"Name": "sub",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": false,
"Required": true,
"StringAttributeConstraints": {
"MinLength": "1",
"MaxLength": "2048"
}
},
{
"Name": "name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "given_name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "family_name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "middle_name",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "nickname",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "preferred_username",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "profile",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "picture",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "website",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "email",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": false,
"Required": true,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "email_verified",
"AttributeDataType": "Boolean",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false
},
{
"Name": "gender",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "birthdate",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "10",
"MaxLength": "10"
}
},
{
"Name": "zoneinfo",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "locale",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "phone_number",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "phone_number_verified",
"AttributeDataType": "Boolean",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false
},
{
"Name": "address",
"AttributeDataType": "String",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"StringAttributeConstraints": {
"MinLength": "0",
"MaxLength": "2048"
}
},
{
"Name": "updated_at",
"AttributeDataType": "Number",
"DeveloperOnlyAttribute": false,
"Mutable": true,
"Required": false,
"NumberAttributeConstraints": {
"MinValue": "0"
}
}
],
"AutoVerifiedAttributes": [
"email"
],
"UsernameAttributes": [
"email"
],
"VerificationMessageTemplate": {
"DefaultEmailOption": "CONFIRM_WITH_CODE"
},
"MfaConfiguration": "OFF",
"EstimatedNumberOfUsers": 2,
"EmailConfiguration": {
"EmailSendingAccount": "COGNITO_DEFAULT"
},
"UserPoolTags": {},
"Domain": "xxxxxxxxxx",
"AdminCreateUserConfig": {
"AllowAdminCreateUserOnly": true,
"UnusedAccountValidityDays": 7
},
"Arn": "arn:aws:cognito-idp:us-east-1:123456798012:userpool/us-east-1_xxxxxxxx"
}
}
mrichman
All 16 comments
Hi, we have been aware of this issue and have this in our milestone. Currently, i guess this happens on sign-in component's when there is no password. Right? There are password less sign in that disrupts the flow we have. I will keep you updated on this ticket as we progress.
ashika01
on 29 Apr 2020
Thanks very much!
mrichman
on 30 Apr 2020
one simple hack to it is telling the cognito that passwordless login is not permitted..we do it by going to aws cognito console's app client and Enable username password based authentication (ALLOW_USER_PASSWORD_AUTH) which by default is not enabled....also we can set it in amplify.configure
santuvytla
on 19 May 2020
So we have no solution? I tried the proposed solution but it does not work. I disabled and enabled the Enable lambda trigger based custom authentication (ALLOW_CUSTOM_AUTH); I enabled the Enable username password based authentication (ALLOW_USER_PASSWORD_AUTH); I also disabled and enabled the Enable SRP (secure remote password) protocol based authentication (ALLOW_USER_SRP_AUTH). At the client, I updated the Auth.configure to setup user/pass auth by adding authenticationFlowType: 'USER_PASSWORD_AUTH'.
Still I always get the same error: either CUSTOM_AUTH is not enabled for the client, or Custom auth lambda trigger is not configured for the user pool.
I don't know how to proceed, as I use angular ionic and not react so I can't even control the UI or the error messages.
eshacham
on 18 Jul 2020
I am also getting the same error when trying to login with password field empty. The proposed solution by @santuvytla does not work for me as well.
kcsuraj
on 23 Jul 2020
Any update or workaround on this @ashika01?
I tried the Auth.configure({ authenticationFlowType: 'USER_PASSWORD_AUTH' }) as well but this doesn't seem to work :/
ChristopheBougere
on 31 Aug 2020
you can use toastify for custom messages if above solution doesnt work...
import { toast } from "react-toastify"
signUp = async form => {
const { username, email, password } = form
try {
const user = await Auth.signUp({
username,
password,
attributes: {
email, // optional
// phone_number, // optional - E.164 number convention
// other custom attributes
},
})
console.log({ user })
// sign up
this.setState({ formState: "confirmSignUp" })
} catch (error) {
toast("Error signing up: " + error.message, {
position: toast.POSITION.TOP_LEFT,
})
console.log("error signing up:", error)
}
}
confirmSignUp = async form => {
const { username, authcode } = form
try {
await Auth.confirmSignUp(username, authcode)
// confirm sign up
this.setState({ formState: "signIn" })
} catch (error) {
toast("Error confirming: " + error.message, {
position: toast.POSITION.TOP_LEFT,
})
console.log("error confirming sign up", error)
}
}
signIn = async form => {
const { username, password } = form
try {
const user = await Auth.signIn(username, password)
const {
signInUserSession: {
idToken: { payload },
},
} = user
console.log({ payload })
// signIn
if (
payload["cognito:groups"]
) {
this.setState({ formState: "signedIn", isAdmin: true })
// localStorage.setItem("userSession", JSON.stringify({ formState: "signedIn", isAdmin: true }))
} else {
toast("YOU ARE NOT ADMIN GET OUT", {
position: toast.POSITION.TOP_LEFT,
})
toast("AND STAY OUT", {
position: toast.POSITION.TOP_LEFT,
})
}
} catch (error) {
toast("Error signing in: " + error.message, {
position: toast.POSITION.TOP_LEFT,
})
console.log("error signing in", error)
}
}
signOut = async () => {
try {
await Auth.signOut()
// sign out
this.setState({ formState: "signUp" })
} catch (error) {
toast("Error signing out: " + error.message, {
position: toast.POSITION.TOP_LEFT,
})
console.log("error signing out: ", error)
}
}
santuvytla
on 1 Sep 2020
@santuvytla Thanks for your answer. That means doing your own authentication workflow though, and I'd like to keep the authentication UI component (react in my case) if possible.
ChristopheBougere
on 1 Sep 2020
For anyone interested, I was able to customize the error message like this:
import { I18n } from 'aws-amplify';
I18n.putVocabularies({
fr: {
'Custom auth lambda trigger is not configured for the user pool.': 'Veuillez renseigner le mot de passe',
},
});
I wish this could be constants instead of strings, like for other translations in the new UI components version, but still a workaround. It still sends the request though, but at least displays a corresponding error.
ChristopheBougere
on 4 Sep 2020
Workaround!
Use the "AmplifyConfirmSignUp" and force the user to type the password again, and process should work as expected.
Looks like when you submit the form without password, it get's identified as "CUSTOM"
import {
AmplifyAuthenticator,
AmplifySignIn,
AmplifySignUp,
AmplifyConfirmSignIn,
AmplifyConfirmSignUp
} from '@aws-amplify/ui-react';
...
<AmplifyConfirmSignUp
slot="confirm-sign-up"
formFields={[
{
type: 'email',
label: 'Email',
placeholder: 'Type your email',
required: true,
},{
type: 'code',
label: 'Code',
placeholder: 'Type the confirmation code',
required: true,
},
{
type: 'password',
label: 'Password',
placeholder: 'Type your password',
required: true,
},
]}></AmplifyConfirmSignUp>
llprudente
on 9 Sep 2020
@llprudente's workaround requires the user to re-type the password which is not the best idea but it did inspire me to find the following workaround:
<AmplifyConfirmSignUp
slot="confirm-sign-up"
></AmplifyConfirmSignUp>
So in other words, you don't really need to indicate any formFields. It works as long as you define your own AmplifyConfirmSignUp (see https://docs.amplify.aws/ui/auth/authenticator/q/framework/react)
Note: if you happen to use the email as the username like myself, remember to do that:
<AmplifyConfirmSignUp
slot="confirm-sign-up"
usernameAlias="email"
></AmplifyConfirmSignUp>
There's still the drawback of the email field not being filled automatically. I'll try to fix that as well.
hrhosni
on 21 Sep 2020
For anyone interested, I was able to customize the error message like this:
import { I18n } from 'aws-amplify'; I18n.putVocabularies({ fr: { 'Custom auth lambda trigger is not configured for the user pool.': 'Veuillez renseigner le mot de passe', }, });I wish this could be constants instead of strings, like for other translations in the new UI components version, but still a workaround. It still sends the request though, but at least displays a corresponding error.
managed to replace the text by
I18n.putVocabularies({
en: {
'Custom auth lambda trigger is not configured for the user pool.': 'Password cannot be empty',
},
});
danielcai1987
on 23 Sep 2020
Hey, is any progress on it?
researchdeveloping
on 13 Oct 2020
Same issue here - any updates on this?
mannau
on 10 Nov 2020
Hi all, this should be fixed by #7401. Sorry this took a while to respond. This is on unstable tag now and I'll let you know again when this gets released. Please let us know if the issue persists.
wlee221
on 14 Dec 2020
With #7403, this message should be translatable too:
import { I18n } from 'aws-amplify';
import { Translations } from '@aws-amplify/ui-components';
I18n.putVocabulariesForLanguage('en-US', {
[Translations.EMPTY_PASSWORD]: 'Custom Empty Password Translation',
});
Related issues
cgarvis
路
3Comments
shinnapatthesix
路
3Comments
lucasmike
路
3Comments
josoroma
路
3Comments
rayhaanq
路
3Comments
Most helpful comment
Hi, we have been aware of this issue and have this in our milestone. Currently, i guess this happens on
sign-incomponent's when there is no password. Right? There are password less sign in that disrupts the flow we have. I will keep you updated on this ticket as we progress.