21224

Amazon Web Services (AWS) Cognito error “Token is not from a supported provider of this identity poo

<h3>Question</h3>

I am running this app from GitHub which allows a user to sign up and sign in to a Cognito Client App. I am using Eclipse IDE for Enterprise Java Developers Version: 2019-03 (4.11.0), Build id: 20190314-1200. I have ensured that I put all the necessary credentials accurately. I am able to sign up using both the form and the console.

When I try to sign in, I get an error in the console that says, "Token is not from a supported provider of this identity pool." using both form and console.

I have tried the answers on other posts on stackoverflow similar to this question. The cause of my error is different than the causes in those other posts.

The Console View and the code below are both when I use the form version of the app.

Here is a screenshot of the form:

Here is what the console shows, without the details of the error:

<blockquote>

{"sub":"52c99df9-f7ef-42b2-9127-9675ba4e2414","email_verified":false,"iss":"https://cognito-idp.us-east-1.amazonaws.com/us-east-1_d0Y5gS66r","phone_number_verified":true,"cognito:username":"*****","aud":"4feegfdtp0dbt9atu56vruuv37","event_id":"c77eff2c-01ad-42c3-8dac-a4849dc297c6","token_use":"id","auth_time":1560793958,"phone_number":"+***********","exp":1560797558,"iat":1560793958,"email":"********"}

User is authenticated:eyJraWQiOiJ4K1piekppSWN4RjZtbDVENjVSQXAySlBOQ0ROK2FmU3Fpc1BnSDE0c3ZvPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI1MmM5OWRmOS1mN2VmLTQyYjItOTEyNy05Njc1YmE0ZTI0MTQiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC51cy1lYXN0LTEuYW1hem9uYXdzLmNvbVwvdXMtZWFzdC0xX2QwWTVnUzY2ciIsInBob25lX251bWJlcl92ZXJpZmllZCI6dHJ1ZSwiY29nbml0bzp1c2VybmFtZSI6InlhaG9vMDMiLCJhdWQiOiI0ZmVlZ2ZkdHAwZGJ0OWF0dTU2dnJ1dXYzNyIsImV2ZW50X2lkIjoiYzc3ZWZmMmMtMDFhZC00MmMzLThkYWMtYTQ4NDlkYzI5N2M2IiwidG9rZW5fdXNlIjoiaWQiLCJhdXRoX3RpbWUiOjE1NjA3OTM5NTgsInBob25lX251bWJlciI6IisxOTAzMjc2MTA0NiIsImV4cCI6MTU2MDc5NzU1OCwiaWF0IjoxNTYwNzkzOTU4LCJlbWFpbCI6Im9sZS5nbm9sYXVtQGdtYWlsLmNvbSJ9.BqyjJJgOZcQP7yUDd3wDrrK4pNRs8BE8RvBzl2vIz248f3rgQ4fn1cd54azjtlplGkthbB0zA9xcd7gPJzqffd-3wS9RFevxkT4LfSiGF1UXGpIqHH_GhbMHA4dG6nKqBOmInvcn9gR1oblBszdbvUxE1poyP3MLvIi64vRvYm1P2kdikWlXl7qKH_RFivEmRMbpd4xpXH6Gjv3hxE6w2vn4O3oZkwz5eY-djUfbwy_uhItycPB3yZLGS8LU55vkrvyJrzHQLDu1U5AvkHGLZv1H7GveHm36RRwSGH5ZkCrtfkolRBN7wkqq9pGhh3jccqHN6Ml5L3XmH3irFNikfw

provider = cognito-idp.us-east-1.amazonaws.com/us-east-1_d0Y5gS66r

Exception in thread "JavaFX Application Thread"

com.amazonaws.services.cognitoidentity.model.NotAuthorizedException:

Token is not from a supported provider of this identity pool.

(Service: AmazonCognitoIdentity; Status Code: 400; Error Code:

NotAuthorizedException; Request ID:

b295ece8-9128-11e9-bb89-5d1e066e532b)

</blockquote>

Here is the code for the sign in button that I press to sign in:

signin_button = new Button("Sign-In"); Label auth_message = new Label(""); signin_button.setOnAction((ActionEvent e) -> { String result = helper.ValidateUser(Username.getText(), Password.getText()); if (result != null) { System.out.println("User is authenticated:" + result); auth_message.setText("User is authenticated"); JSONObject payload = CognitoJWTParser.getPayload(result); String provider = payload.get("iss").toString().replace("https://", ""); // Daniel Brower System.out.println("provider = " + provider); Credentials credentails = helper.GetCredentials(provider, result); ShowUserBuckets(credentails); } else { System.out.println("Username/password is invalid"); auth_message.setText("Username/password is invalid"); } });

The line of code with my name in the comment above it is code I put in myself.

I'm having trouble figuring out from what provider the token is from.

Here is a screenshot of my identity providers page in Cognito Console. I haven't selected any. Nothing says that there is an identity provider.

The error message says "Service: AmazonCognitoIdentity" in it. I think the provider would be Cognito Identity Provider. I even found classes with that name in it.


<h3>Answer1:</h3>

I had the wrong value for some reason to Cognito Console->Federated Identities->Edit identity pool->Cognito->App client id

I don't know how I got it wrong. I changed it to match the correct one of the Identity Pool.


<h3>Answer2:</h3>

This issue happens if your Federated Identity configuration is missing on your pool.

Open Federated Identities => Authentication providers

On the Cognito section change values as below

User Pool ID ex: test:us-east-1_Ab129f000 App client id ex: test:7lhlkkfbfb4q5kpp90urf000

That should be fix your issue

来源:https://stackoverflow.com/questions/56637042/amazon-web-services-aws-cognito-error-token-is-not-from-a-supported-provider

Recommend

  • Websocket closed code: 1006 Node Android okhttp3 AmazonEc2
  • Is one TaskManager with three slots the same as three TaskManagers with one slot in Apache Flink
  • Place label at center of doughnut chart
  • angularjs 2 with angular-material @angular/core not found
  • Why in comparing python tuples of objects is __eq__ and then __cmp__ called?
  • org.apache.hive.service.cli.HiveSQLException: java.lang.NoClassDefFoundError: org/apache/hadoop/ipc/
  • Dynamically setting the sum formula in excel
  • css keyframe transform not rotating more than 180 degrees
  • Wrapping words from HTML using XSL
  • Perserving TestSecurityContextHolder during pure binary websocket connection in Spring Boot test
  • Entity Framework Custom SQL Query returning generic type
  • View based NSTableView with each view contains 3 labels with should resize based on Text
  • Access knockout binding from child element
  • generatesDecimalNumbers for NumberFormatter does not work
  • Django: Require Checkbox to be ticked to Submit Form
  • Checking whether there are object attribute values in the HTML Code using Delphi
  • Why I getting the last promise?
  • Create calendar event using Microsoft Graph: ErrorAccessDenied
  • How to set ringtone in Android from my activity?
  • Raw sockets in monotouch
  • Visual Studio MSB3721 error when compiling a __device__ function call from another file
  • how to add dashed border on highcharts “area” graph for every point
  • C++ STL stack pop operation giving segmentation fault
  • DataTables move rows between tables
  • iphone image to video issue in video speed
  • Why my AngularJS async test in Jasmine 1.3.x is not working?
  • Capture SIGFPE from SIMD instruction
  • Using Service Component Runtime
  • How do I use TagLib-Sharp to write custom (PRIV) ID3 frames?
  • CAS 4 - Not able to retrieve the LDAP groups after successful authentication