SignIn with confirmed user failed

[Jasminou]

Do you want to request a feature or report a bug?
report bug
What is the current behavior?
confirmed user can not signIn, i'm getting an error message: signin failed,
If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem. Your bug will get fixed much faster if we can run your code and it doesn't have dependencies other than AWS Amplify.

i'm using AWS amplify, i'm able to sign up a user and getting verification code by email, once i confirm it, i receive succes, but when i tried to login in with my new user the sign in failed.

What is the expected behavior?
supposed to be able to sign in with the new confirmed user in my user pool
Which versions of Amplify, and which browser / OS are affected by this issue? Did this work in previous versions?
last version of amplify, browser : Google chrome/ Windows.
first time i'm using amplify dont know if its was working before
You can turn on the debug mode to provide more info for us by setting window.LOG_LEVEL = 'DEBUG'; in your app.

[richardzcode]

Hey @Jasminou could you set LOG_LEVEL to 'DEBUG'? Then we can have detailed logs of what was happening during sign in.

[Jasminou]

yes,sure this is what I've when i try to sign in with a confirmed user, ( i don't know if i miss a something in the configuration of the user pool) ,because when i create a user from aws console via the website, it works. thx for your helps @richardzcode

[Jasminou]

@richardzcode here is the network request
status code 200
{"ChallengeName":"PASSWORD_VERIFIER",
"ChallengeParameters":{"SALT":"8644d44fff86479d76d93ebeeada0501",
"SECRET_BLOCK":"mAJRhJhJPTWxxxxxc/nk",
"SRP_B":"d8xxxxxxxxxx",
"USERNAME":"yasmine",
"USER_ID_FOR_SRP":"yasmine"}}

status code 200
{"AuthenticationResult":
{"AccessToken":"e8q_xxxxxxxx,"ExpiresIn":3600,
"IdToken":"uDxxxxxxxxg",
"RefreshToken":"Txxxxxxx","TokenType":"Bearer"},"ChallengeParameters":{}}

status code 200
{"AuthenticationResult":
{"AccessToken":"e8q_xxxxxxxx,"ExpiresIn":3600,
"IdToken":"uDxxxxxxxxg",
"RefreshToken":"Txxxxxxx","TokenType":"Bearer"},"ChallengeParameters":{}}

status code 400
{"__type":"ValidationException",
"message":"1 validation error detected: Value 'us-east-2:829033370241:userpool/us-east-2_xxxxxx' at 'identityPoolId' failed to satisfy
constraint: Member must satisfy regular expression pattern: [\w-]+:[0-9a-f-]+"}

[richardzcode]

Looks like it is challenging with 'PASSWORD_VERIFIER' which Amplify does not handle right now. I am looking into this right now.

[Jasminou]

ok thx, do you think its possible to have a work around to change the 'password_verifier' and use another challenging that is supported ?

[richardzcode]

Sorry @Jasminou . I was wrong. Actually 'PASSWORD_VERIFIER' was not the cause, it is handled internally in cognito, so we don't need to do anything for it. From the sequence of network and logs, confirmation actually succeeded. But loading credentials with the session failed.

I am guessing you are not using Mobile Hub aws_exports.js? Is it okay for you to share what you have configured to identityPoolId?

[richardzcode]

If not, could you confirm if it follows pattern of [\w-]+:[0-9a-f-]+?

Basically that means something like: us-east-1:b0ee1234-5ae6-7c89-0123-45dd67890c1d, notice latter part must not have letters outside of a - f.

[Jasminou]

@richardzcode , yes i'm not using mobile Hub aws_export.js, yes it's possible to share, below my config:
` amplify: {
Auth: {

  identityPoolId: 'us-east-2:829033370241:userpool/us-east-2_HBVMSuMGx',
  region: 'us-east-2',
  userPoolId: 'us-east-2_HBVMSuMGx',
  userPoolWebClientId: '369dr816imj748s1oqik954f08',

}
}

[richardzcode]

I think the 'identityPoolId' is wrong. Remove the userpool part may work.

  identityPoolId: 'us-east-2:829033370241',
  region: 'us-east-2',
  userPoolId: 'us-east-2_HBVMSuMGx',
  userPoolWebClientId: '369dr816imj748s1oqik954f08',

[Jasminou]

@richardzcode, removing the part with the userpool don't fixe the problem, also i've this message error, when i remove the userpool part: {"__type":"ResourceNotFoundException","message":"IdentityPool 'us-east-2:829033370241' not found."}

[Jasminou]

@richardzcode , how the sign in work fine when i create a user from the console of the identityPoolId is wrong, the identityPoolID is suppose to match the Pool ARN config right ?

[Jasminou]

@richardzcode , i found this, https://forums.aws.amazon.com/thread.jspa?threadID=231553
but what if we dont want to support a federated user pool in my app?

[richardzcode]

yes that thread is correct. Basically user pool is for user management, identity pool for authenticating aws service requests.

[Jasminou]

ok thx i will try to follow what they said thx again for u help

[Jasminou]

@richardzcode you were right, the pool id was wrong, its working now

[richardzcode]

@Jasminou we are working on #655 which means your sign in wouldn't fail without identity pool. However in this case client don't have credentials although signed in. Theoretically if you don't consume other AWS services this should be okay.

[github-actions]

This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels or Discussions for those types of questions.