I'm currently using amazon-cognito-identity-js
and CognitoIdentityServiceProvider
and following this article https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/CognitoIdentityServiceProvider.html
When calling listUsersInGroup
function I'm initializing the this.cognitoProvider
with accessKeyId
and secretAccessKey
Is there a way I can use the CognitoIdentityServiceProvider
without specifying accessKeyId
and secretAccessKey
? I don't want to specify these keys since it contains sensitive information
This works
import { Config, CognitoIdentityCredentials, CognitoIdentityServiceProvider } from "aws-sdk";
export default class CognitoAuth {
configure(config) {
if (typeof config !== 'object' || Array.isArray(config)) {
throw new Error('[CognitoAuth error] valid option object required')
}
this.userPool = new CognitoUserPool({
UserPoolId: config.IDENTITY_POOL_ID,
ClientId: config.CLIENT_ID
})
this.cognitoProvider = new CognitoIdentityServiceProvider({
region: config.REGION,
accessKeyId: config.ACCESS_KEY_ID,
secretAccessKey: config.SECRET_ACCESS_KEY
});
Config.region = config.REGION
Config.credentials = new CognitoIdentityCredentials({
IdentityPoolId: config.IDENTITY_POOL_ID
})
this.options = config
}
getUsersInGroup(context, cb) {
var params = {
GroupName: context.group,
UserPoolId: this.options.IDENTITY_POOL_ID
};
this.cognitoProvider.listUsersInGroup(params, (err, data) => {
if (err) console.log(err, err.stack)
else cb(null, data.Users)
})
}
}
This don't work
this.cognitoProvider = new AWS.CognitoIdentityServiceProvider({ apiVersion: '2016-04-18' })
but I'm getting error ConfigError: Missing region in config
As per your linked documentation page, calling the listUsersInGroup
requires developer credentials, so these must be provided somehow.
If you look at Setting credentials in Node.js , there are different ways to pass them, eg, if running this function on a Lambda (or on an EC2 instance), it will use the Lambda (or EC2 instance) role permissions to call the method and credentials never have to be passed. Other options are using environment variables ( AWS_ACCESS_KEY_ID
/ AWS_SECRET_ACCESS_KEY
) or shared credentials file.
However, your immediate problem seems to be regarding the region. While in the working block it is passed with region: config.REGION,
, it is missing from the non working block. You can fix that by passing the region
parameter when instantiating CognitoIdentityServiceProvider:
this.cognitoProvider = new AWS.CognitoIdentityServiceProvider({
apiVersion: '2016-04-18',
region: 'us-east-1' // use your region
});
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.