问题
Are there any examples on how to use the refresh token to get a new idtoken on aws cognito?
I´m trying to use http://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminInitiateAuth.html
But then, it requires "developer credentials".
I think I was able to set that on Cognito following http://docs.aws.amazon.com/cognito/latest/developerguide/developer-authenticated-identities.html#associate-developer-provider
Now I don´t know what else do I need to do on my code in order to handle such a developer credential?
This is the message I´m getting:
"User: arn:aws:sts::540029582710:assumed-role/Cognito_Skyline_User_Pool_ProdAuth_Role/CognitoIdentityCredentials is not authorized to perform: cognito-idp:AdminInitiateAuth on resource: arn:aws:cognito-idp:ap-northeast-2:540029582710:userpool/ap-northeast-2_7wGKApTQV"
Thanks
回答1:
It turned out, in the end, that I needed to call InitiateAuth instead of AdminInitiateAuth
http://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html
来源:https://stackoverflow.com/questions/45474045/aws-using-refresh-token-javascript