0

I can get identity id with Facebook token from Amazon Cognito by using Aws\CognitoIdentity\CognitoIdentityClient of Amazon PHP SDK ( https://docs.aws.amazon.com/aws-sdk-php/v3/api/class-Aws.CognitoIdentity.CognitoIdentityClient.html ). 

$identityClient = AWS::createClient('CognitoIdentity');
$idResp = $identityClient->getId(array(
    'AccountId' => 'MY_ACCOUNT_ID',
    'IdentityPoolId' => 'MY_IDENTITY_POOL_ID',
    'Logins' => array(
        'graph.facebook.com' => $fbUser->token,
    )
));

$identityId = $idResp["IdentityId"];

I can see the identity id in the identity browser page of Federated Identities, but there are no any user record in the Users page of User Pools.

Is this a expected result ? If it is, how can I add user info into User Pools and get them ?

Any help is appreciated.

1 Answers1

0

If you only logged in with Facebook, a user will not show up in your user pool. Cognito user pools and cognito federated identities are unique services. Think of user pools as it's own provider - it's parallel to facebook from the point of view of your identity pool. If you want to get a user to show up in your user pool, you need to log in with user pools and pass the token to your identity pool (like you did with facebook). See our developer guide for the exact configuration you need.

Jeff Bailey
  • 5,655
  • 1
  • 22
  • 30
  • I use signUp method of CognitoIdentityProvider in PHP SDK, but I got the error about "Unable to verify secret hash for client". It seems like my ClientId is wrong, and where I can get my ClientId ? Thanks. –  Sep 02 '16 at 03:31
  • It comes from 'apps' you generate/link to your user pool in the console. You can get the id there. – Jeff Bailey Sep 02 '16 at 03:32
  • I set that ClientId but still got the same error `$identityProvider = AWS::createClient('CognitoIdentityProvider');` `$result = $identityProvider->signUp(['ClientId' => 'ClientId' , ....]);` Did I do something wrong ? –  Sep 02 '16 at 03:42
  • Is the secret there? Sounds like you set one up but aren't giving it. If so, try recreating a new client from the console. If you want a secret, make note of both. It is possible to only use the client ID. – Jeff Bailey Sep 02 '16 at 03:45