New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AWS-Amplify API is always returning 403 unauthorized with angular #2810
Comments
@khaledshamat I don't think you need to configure the header because Amplify will do that for you. Can you check the following items:
|
Dear sir,
First of all let me thank you for the quick reply I really appreciate it.
I am Using Cognito to authenticate users, with IAM authentication in my rest api. And I have successfully did that without signing my request, but I have a weird behavior which I don’t know why it’s happening, I think that the user session should be saved somewhere, please check my post on stack overflow.com<http://overflow.com>:
https://stackoverflow.com/questions/55004371/angular-with-aws-amplify-api-and-auth-unexpected-behavior-leads-to-403-unauthori?noredirect=1#comment96775333_55004371
Kind regards,
Khaled.
On Mar 6, 2019, at 12:21 AM, Zhuo wen <notifications@github.com<mailto:notifications@github.com>> wrote:
@khaledshamat<https://github.com/khaledshamat> I don't think you need to configure the header because Amplify will do that for you. Can you check the following items:
1. Did you use Cognito Federated Identity Pool to retrieve the AWS Credentials?
2. Which authorization type are you using? https://aws-amplify.github.io/docs/js/api#manual-configuration
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#2810 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AqQ5_x041awpPWXNxw2pToZUDwUnUxnDks5vTu3-gaJpZM4bet1K>.
|
@khaledshamat if you are using IAM authentication, and as I could assume based on your config, you are using the Cognito Federated Identity Pool service right? In that case, you shouldn't do the following: const request = {
headers: {
Authorization: token
}
}; The amplify library will fetch the credentials internally and sign the request. Can you also open the debug mode by putting |
yeah after long time of researching I managed to get my request signed automatically but with this approach Im getting a weird behavior you can check my stack overflow post again I have updated it, I can get the right data from the request after signing in, but if I signed out and signed in again without refreshing the page it will throw 403 error till I hit refresh it will get the data. If I signed out after a successful call its still able to get the data from the api without authentication! Any advice on that? |
@khaledshamat can you open your developer tools and check on Application section -> Local Storage., there you could find the data that is stored by the library. On sign out should clean the tokens. |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
This issue has been automatically closed because of inactivity. Please open a new issue if are still encountering problems. |
This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs. Looking for a help forum? We recommend joining the Amplify Community Discord server |
AWS-Amplify using API.get() with angular to call Serverless API with IAM authentication is always returning 403 unauthorized, even though that I have followed all the instructions posted on GitHub and stackoverfolw,
here is my code for using api.get:
` async testApiCall() {
const user = await Auth.currentAuthenticatedUser();
const token = user.signInUserSession.idToken.jwtToken;
}`
and here is my config.ts:
export default { MAX_ATTACHMENT_SIZE: 5000000, s3: { REGION: "eu-central-1", BUCKET: "xxxxxx" }, apiGateway: { REGION: "eu-central-1", URL: "xxxxxxxx" }, cognito: { REGION: "eu-central-1", USER_POOL_ID: "xxxxxxxxxxxxxxxxx", APP_CLIENT_ID: "xxxxxxxxxxxxxxxxx", IDENTITY_POOL_ID: "xxxxxxxxxxxxxxxxx" } };
And here is what I have in environment.ts:
export const environment = { production: true, amplify: { Auth: { identityPoolId: 'xxxxxxxxxxx', region: 'eu-central-1', userPoolId: 'xxxxxxxxx', userPoolWebClientId: 'xxxxxxxxxxx' }, API: { endpoints: [ { name: "orders", endpoint: "xxxxxxxxx" } ] } } };
any suggestions please?
The text was updated successfully, but these errors were encountered: