AWS Cognito User Pool Custom Authentication Lambdas Not Triggering

Question

I'm trying to implement the AWS Congito Custom Authentication flow for User pool (as suggested in their documentation. I have defined very basic logic in the define, create and verify challenges.

My define-challenge Lambda does not use any SRP or user_password authentication and issues a "CUSTOM_CHALLENGE" with only a single session event.
My create-challenge Lambda similarly has a very simple logic of asking for a single input.
My verify-challenge Lambda just prints the input and returns a success (for any kind of input)

I currently dont see the <cognito_domain>/login?client_id=etc triggering any of these Lambdas that I have defined in the User Pool settings. The lambda invocation metrics also dont show any calls made by Cognito to Lambda. I'm pretty sure I've added the Lambda triggers to the userpool properly and I can see the userpool has the permission to invoke the lambda as well (adding the lambda triggers from the console automatically adds the permissions as well).

How do I get Cognito to start triggering my Custom Authentication lambdas?

score 1 · Accepted Answer · answered Jun 11 '22 at 00:51

1

According to this document, they said that

Note The Amazon Cognito hosted sign-in webpage can't activate Custom authentication challenge Lambda triggers.

You have to write your own custom login flow using one of Cognito's SDKs

answered Jun 11 '22 at 00:51

hoangdv

15,138
4
27
48

Aah, didn't notice this important bit in the documentation. Thanks for the answer. Looks like we have to go with custom login page. – Sayon Roy Choudhury Jun 11 '22 at 02:53

AWS Cognito User Pool Custom Authentication Lambdas Not Triggering

1 Answers1