5

When I use the below code:

    $result = $this->client->adminInitiateAuth([
        'AuthFlow' => 'ADMIN_NO_SRP_AUTH',
        'ClientId' => $this->client_id,
        'UserPoolId' => $this->userpool_id,
        'AuthParameters' => [
            'USERNAME' => $username,
            'PASSWORD' => $password,
        ],
    ]);

I am getting a response with a session and challengeName: NEW_PASSWORD_REQUIRED. From this, how do I generate the AccessToken in AWS Cognito?

D Malan
imlokeshs

2 Answers

8

You can use the respondToAuthChallenge method to set the user's new password and log them in. It should also return the accessToken for you.

You could do something like this:

    $result = $this->client->respondToAuthChallenge([
        'ChallengeName' => 'NEW_PASSWORD_REQUIRED',
        'ClientId' => $this->client_id,
        'ChallengeResponses' => [
            'USERNAME' => $username,
            // The new password the user is setting
            'NEW_PASSWORD' => $password,
        ],
        // Session value from the adminInitiateAuth response
        'Session' => $session,
    ]);
D Malan
0

You need to respond to this challenge (respondToAuthChallenge) using the session returned by the adminInitiateAuth method. This session is key to responding because the user is not yet logged in at this time, and it is valid for 3 minutes. After that, you will receive (if the session is valid) the RefreshToken, AccessToken and IdToken.
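
The flow both answers describe, put together end to end as an added example that is not part of the original posts. The function name `signInCompletingNewPassword`, its parameters and the stub client with its constructed values are assumptions made so the flow can be run offline; with the real SDK, `$client` would be a `CognitoIdentityProviderClient`.

```php
<?php
// Added example, not the posters' code. $client is expected to be an
// Aws\CognitoIdentityProvider\CognitoIdentityProviderClient; the function
// name and the stub at the bottom are hypothetical.
function signInCompletingNewPassword($client, string $clientId, string $userPoolId,
    string $username, string $tempPassword, string $newPassword): array
{
    $result = $client->adminInitiateAuth([
        'AuthFlow'       => 'ADMIN_NO_SRP_AUTH',
        'ClientId'       => $clientId,
        'UserPoolId'     => $userPoolId,
        'AuthParameters' => ['USERNAME' => $username, 'PASSWORD' => $tempPassword],
    ]);

    $challenge = $result['ChallengeName'] ?? null;
    if ($challenge === 'NEW_PASSWORD_REQUIRED') {
        // The Session value is the only link to the first call; pass it back unchanged.
        $result = $client->respondToAuthChallenge([
            'ChallengeName'      => 'NEW_PASSWORD_REQUIRED',
            'ClientId'           => $clientId,
            'ChallengeResponses' => ['USERNAME' => $username, 'NEW_PASSWORD' => $newPassword],
            'Session'            => $result['Session'],
        ]);
    } elseif ($challenge !== null) {
        throw new RuntimeException("Unhandled challenge: $challenge");
    }

    // Tokens are present only once no challenge is pending.
    if (!isset($result['AuthenticationResult']['AccessToken'])) {
        throw new RuntimeException('No tokens returned; a further challenge may be pending');
    }
    return $result['AuthenticationResult']; // AccessToken, IdToken, RefreshToken
}

// Constructed stub standing in for the SDK client so the flow runs offline.
$stub = new class {
    public function adminInitiateAuth(array $args): array {
        return ['ChallengeName' => 'NEW_PASSWORD_REQUIRED', 'Session' => 'constructed-session'];
    }
    public function respondToAuthChallenge(array $args): array {
        if ($args['Session'] !== 'constructed-session') {
            throw new RuntimeException('session mismatch');
        }
        return ['AuthenticationResult' => ['AccessToken' => 'constructed-access-token',
            'IdToken' => 'constructed-id-token', 'RefreshToken' => 'constructed-refresh-token']];
    }
};
$tokens = signInCompletingNewPassword($stub, 'client-id', 'pool-id', 'alice', 'Temp#1', 'N3w#Passw0rd');
echo implode(', ', array_keys($tokens)), PHP_EOL;
```

The example prints only the token names; keep the `Session` value and the returned tokens out of application logs.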