In a React app I'm trying to set up federated sign-in with Google using AWS Cognito. When a user signs in with Google, the federated sign-in is successful and I receive a token from Auth.federatedSignIn(). However, a new user is not being created in my Cognito user pool.
I can see that a new identity is being registered in my Cognito Federated Identities pool, but no corresponding user is being added to the user pool. I've checked that I have the correct userPoolId and userPoolWebClientId set up in my Amplify configuration, and that my identity provider is set to "Google". I've also tried setting federationTarget to "Google", but this didn't fix the issue.
Here's a simplified version of my Amplify configuration:
```javascript
import { Amplify, Auth } from 'aws-amplify';

Amplify.configure({
  Auth: {
    region: 'us-east-1',
    userPoolId: ENV.COGNITO_USER_POOL_ID,
    userPoolWebClientId: ENV.COGNITO_CLIENT_ID
  },
  aws_cognito_region: 'us-east-1',
  aws_user_pools_id: ENV.COGNITO_USER_POOL_ID,
  aws_user_pools_web_client_id: ENV.COGNITO_CLIENT_ID,
  federationTarget: 'Google',
  identityProvider: 'Google',
  identityPoolId: 'us-east-1:xxxx-xxx-xxx-xxx-xxx',
  oauth: {
    domain: ENV.COGNITO_DOMAIN,
    scope: ['email', 'openid', 'profile'],
    redirectSignIn: `${window.location.origin}/login`,
    redirectSignOut: `${window.location.origin}/login`,
    responseType: 'code',
    userPoolId: ENV.COGNITO_USER_POOL_ID,
    userPoolWebClientId: ENV.COGNITO_CLIENT_ID,
    identityProvider: 'Google',
    userPoolGroupId: ENV.COGNITO_USER_POOL_ID,
    federationTarget: 'Google'
  }
});

// Sign-in call: passes the Google ID token (googleToken) and its expiry (exp)
const cognitoResponse = await Auth.federatedSignIn(
  'google',
  { token: googleToken, expires_at: exp },
  {
    name: given_name
  }
);
```
I have also tried authenticateUser from amazon-cognito-identity-js, like so:
```javascript
import { AuthenticationDetails, CognitoUser } from 'amazon-cognito-identity-js';

// response.credential is the ID token returned by Google sign-in
const googleToken = response.credential;
const googleData = parseToken(googleToken);
const { email, given_name } = googleData;
const authenticationData = {
  Username: email,
  password: googleToken,
  ValidationData: {
    token: googleToken
  },
  ClientMetadata: {
    token: googleToken
  },
  AuthParameters: {
    'cognito:oauth2:googleclientid':
      'my-client-id',
    'cognito:oauth2:id_token': googleToken
  }
};
const authenticationDetails = new AuthenticationDetails(authenticationData);
const userData = {
  Username: email,
  Pool: UserPool
};
const cognitoUser = new CognitoUser(userData);
cognitoUser.authenticateUser(authenticationDetails, {
  onSuccess: function (result) {
    console.log('Authentication successful:', result);
    // Save the access token and ID token to use for API calls
    const accessToken = result.getAccessToken().getJwtToken();
    const idToken = result.getIdToken().getJwtToken();
  },
  onFailure: function (err) {
    console.log('Authentication failed:', err);
  }
});
```
But I got "Incorrect username or password". So authenticateUser does not accept the idToken as the password or as any other parameter and handle it by itself.
I have opened the Hosted UI from the Cognito app client settings and clicked Google sign-in. It successfully logs in to Google and adds a new user to the user pool. However, I cannot achieve this without using the Hosted UI in my custom app. I need to register or log in a user to Cognito using the Google token and get a Cognito token in return, in a custom way.
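
Added example, not part of the original post: the `oauth` block above (`responseType: 'code'`) corresponds to a request to the user pool's `/oauth2/authorize` endpoint, whose `identity_provider` parameter sends the browser straight to Google without rendering the Hosted UI page. The code builds that request with PKCE and `state`, then checks the callback before forming the `/oauth2/token` body; it uses Node's `crypto` so it runs offline, and the domain, client ID and redirect URI are constructed placeholders.

```javascript
const crypto = require('node:crypto');
// Constructed placeholder values; none of them come from the original post.
const SAMPLE = {
  domain: 'example-pool.auth.us-east-1.amazoncognito.com',
  clientId: 'EXAMPLE_CLIENT_ID',
  redirectUri: 'https://app.example.com/login',
  scopes: ['email', 'openid', 'profile'],
};

// Build the user pool authorization request (authorization code flow + PKCE).
function buildAuthorizeRequest(cfg) {
  const state = crypto.randomBytes(16).toString('base64url');        // binds callback to this attempt
  const codeVerifier = crypto.randomBytes(32).toString('base64url'); // 43 chars, never leaves the client
  const codeChallenge = crypto.createHash('sha256').update(codeVerifier).digest('base64url');
  const url = new URL(`https://${cfg.domain}/oauth2/authorize`);
  url.search = new URLSearchParams({
    response_type: 'code',
    client_id: cfg.clientId,
    redirect_uri: cfg.redirectUri,
    scope: cfg.scopes.join(' '),
    identity_provider: 'Google', // go directly to Google, no Hosted UI page
    state,
    code_challenge: codeChallenge,
    code_challenge_method: 'S256',
  }).toString();
  return { url: url.toString(), state, codeVerifier };
}

// Check the redirect back to the app, then build the form body for POST /oauth2/token.
function buildTokenRequest(callbackUrl, pending, cfg) {
  const params = new URL(callbackUrl).searchParams;
  if (params.get('error')) throw new Error(`authorization failed: ${params.get('error')}`);
  const returned = Buffer.from(params.get('state') || '');
  const expected = Buffer.from(pending.state);
  if (returned.length !== expected.length || !crypto.timingSafeEqual(returned, expected)) {
    throw new Error('state mismatch: discard this response');
  }
  const code = params.get('code');
  if (!code) throw new Error('no authorization code in callback');
  return new URLSearchParams({
    grant_type: 'authorization_code',
    client_id: cfg.clientId,
    redirect_uri: cfg.redirectUri,
    code,
    code_verifier: pending.codeVerifier,
  });
}
```

The body returned by `buildTokenRequest` is sent as `application/x-www-form-urlencoded` to `https://<domain>/oauth2/token`; keep `state` and `codeVerifier` in per-tab storage between the redirect and the callback.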