AWS Cognito - how to determine if unauthenticated user?

Question

I have AWS Lambda functions working fine with Cognito authenticated users.

I am now trying to get unauthenticated Cognito users going.

I cannot find any way at the back end to determine if the current user that called the Lambda function is authenticated or unauthenticated.

The identifying information that I have about the user is their Cognito IdentityId but how can I use that to find out of unauthenticated?

I'm using Python boto3.6 in Lambda.

score 4 · Accepted Answer · edited Aug 12 '17 at 06:48

4

check this http://boto3.readthedocs.io/en/latest/reference/services/cognito-identity.html#CognitoIdentity.Client.describe_identity

you get the logins if it is a auth user. never used it, but I think that is the way to know

EDIT: From OP: yes this is correct - the important thing is that the absence of the key "Logins" in the returned value means that the user is unauthenticated.

res = client2.describe_identity(
    IdentityId=context.identity.cognito_identity_id
)
if ('Logins' not in res.keys()):
    return True
else:
    return False

edited Aug 12 '17 at 06:48

Duke Dougal

24,359
31
91
123

answered Aug 11 '17 at 16:44

UXDart

2,500
14
12

Thank you yes this is correct - the important thing is that the absence of the key "Logins" in the returned value means that the user is unauthenticated. – Duke Dougal Aug 12 '17 at 06:47

AWS Cognito - how to determine if unauthenticated user?

1 Answers1