amazon-cognito

问题 I'd like to use AWS Cognito (User Pools and Identity Pools) for managing access to my web app. This web app is a report generator. It generates reports from gathered sensors' data. The possible scope of requested data should vary between users. Some users should only have access to specific sensor IDs or sensors from a specified area or date range. However, I'd like to make some reports publicly available - eg. data from sensors from New York should be available to everyone without the need

问题 I've configured a User Pool in Amazon Cognito to be able to sign-in/sign-up users and I've setup facebook as identity provider. On my hosted ui (https://xxx.auth.us-east-1.amazoncognito.com/login?client_id=2yyy&redirect_uri=zzzz.com.br&response_type=code), I could successfully click on "continue with facebook" but after I got redirect to my return_uri the following error as query parameter was shown: https://zzzz.com.br/?error_description=username+attribute+mapping+required&error=invalid

问题 I'm quite new to AWS Cognito and about token security. I decided to use AWS Cognito for may application. I followed the guide here for my web app and my web api. https://dzone.com/articles/identity-as-a-service-idaas-aws-cognito-and-aspnet https://dzone.com/articles/identity-as-a-service-idaas-asp-net-core-api-and-a Everything works fine. But when I try to create a new User pool in AWS Cognito and then change the appsetting for both web app and web api to use the new user pool, I found

问题 I am considering creating a user pool per tenant based on the recommended multi-tenant architecture (for ex: https://aws.amazon.com/quickstart/saas/identity-with-cognito/) The rest of the resources in the application are going to be using pooled resources (for ex: API gateway, dynamoDB tables). Considering the silo model just for the Cognito/auth part of the application. Application requirements: Subdomain per tenant i.e. tenant1.company.com an tenant2.company.com A user can belong to

问题 Problem "Unable to verify secret hash for client ..." at REFRESH_TOKEN_AUTH auth flow. { "Error": { "Code": "NotAuthorizedException", "Message": "Unable to verify secret hash for client 3tjdt39cq4lodrn60kjmsb****" }, "ResponseMetadata": { "HTTPHeaders": { "connection": "keep-alive", "content-length": "114", "content-type": "application/x-amz-json-1.1", "date": "Tue, 29 Jan 2019 22:22:35 GMT", "x-amzn-errormessage": "Unable to verify secret hash for client 3tjdt39cq4lodrn60kjmsbv3jq", "x-amzn

问题 Problem "Unable to verify secret hash for client ..." at REFRESH_TOKEN_AUTH auth flow. { "Error": { "Code": "NotAuthorizedException", "Message": "Unable to verify secret hash for client 3tjdt39cq4lodrn60kjmsb****" }, "ResponseMetadata": { "HTTPHeaders": { "connection": "keep-alive", "content-length": "114", "content-type": "application/x-amz-json-1.1", "date": "Tue, 29 Jan 2019 22:22:35 GMT", "x-amzn-errormessage": "Unable to verify secret hash for client 3tjdt39cq4lodrn60kjmsbv3jq", "x-amzn

问题 as written in the title is it possible change username of a Amazon Cognito user? I can't find anything in documentation 回答1: It is possible to update the preferred_username of a Cognito User using the iOS SDK, using the updateAttributes API call. However, kindly note that you would not be able to modify the username of a user. Quoting the official AWS documentation, The username value is a separate attribute and not the same as the name attribute. A username is always required to register a

问题 I'm getting the error "Cannot redirect to the authorization endpoint, the configuration may be missing or invalid" when used with IPostConfigurationOptions configuration. IPostConfigurationOptions implementation is used to fetch user roles from API and add them as claims to user identity in web client. The error is thrown by Logout method, specifically by "await HttpContext.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme);" line of code. When IPostConfigurationOptions is commented out

问题 So I need to display a list of users as well as their individual groups in a custom admin screen for a client. I'm returning the results of AWS.CognitoIdentityServiceProvider.listUsers in a Lambda function and that's listing users fine, but I'm not sure on the best way to fetch the groups for each user and add them to the response. It seems a bit surprising to me that they don't provide a listUsers like method that includes that information, personally, as it seems like it would be a common

问题 So I need to display a list of users as well as their individual groups in a custom admin screen for a client. I'm returning the results of AWS.CognitoIdentityServiceProvider.listUsers in a Lambda function and that's listing users fine, but I'm not sure on the best way to fetch the groups for each user and add them to the response. It seems a bit surprising to me that they don't provide a listUsers like method that includes that information, personally, as it seems like it would be a common