1

I am trying to run

const credentials = await Auth.currentCredentials()
const creds = await Auth.essentialCredentials(credentials)
AWS.config.credentials = new AWS.Credentials(creds.accessKeyId, creds.secretAccessKey, creds.sessionToken)

But first line throws "cannot get guest credentials when mandatory signin enabled"

My Cognito is configured to work only for authenticated users. I don't want to allow unauthenticated users. I assume it can't find credentials for the logged in user, then defaults to find credentials for guest user - which don't exist.

However when I run:

const s = await Auth.currentSession()
console.log(s)

or

const s = await Auth.currentAuthenticatedUser()
console.log(s)

Indeed I see the expected response, containing the user I signed in with Amplify log in screen. In currentSession object I have idToken, refereshToken and accessToken, each containing jwt token. But can't progress from there.

Running on iOS and react native

Any suggestions?
Thanks

belostoky
  • 934
  • 2
  • 11
  • 22
  • Where are you configuring amplify auth? Do you have an excerpt of that? Also you might want to check if the user you're using is flagged for a password change. Might be that Amplify falls back on a guest-user because the user you're trying is flagged. – Braks Jul 29 '21 at 17:55
  • amplify config is in index.js: Amplify.configure({ Auth: { mandatorySignIn: true, region: "my-region", userPoolId: "my-region_xxxxx", identityPoolId: "my-pool-id", userPoolWebClientId: "my-webclient-id" }, }); – belostoky Jul 30 '21 at 16:54
  • "flagged for password change" - do u mean account status under 'users and groups'? the username has CONFIRMED status – belostoky Jul 30 '21 at 16:56

1 Answers1

0

You need to enable it by updating your Auth configuration in AWS Amplify by using the following instructions:

  1. Use the CLI command "amplify update auth".

  2. Select Walkthrough auth settings.

  3. Go through some of steps until you are asked whether to enable unauthenticated logins. Enable it.

  4. Go through more steps until no more questions.

  5. Finally, use the CLI command "amplify push".

This should allow you to access let Auth.currentCredentials() and will add an unauthenticated login on your identity pool.

Adrian Mole
  • 49,934
  • 160
  • 51
  • 83
Michael Chambers
  • 1
  • 1