By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Cognito AdminUpdateUserAttributes fails - user name "failed to satisfy constraint" with an incorrect RegEx

0

Hello,

I'm trying to update a user in my Cognito user pool with AdminUpdateUserAttributes (C++ SDK). However I get the following error: INVALID_PARAMETER 1 validation error detected: Value at 'username' failed to satisfy constraint: Member must satisfy regular expression pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+

The name I'm passing to SetUsername contains brackets - it's of the format "Name (Details)" - for example "Bill (Admin)". This is the preferred_username of the user - my user pool is set to "Allow users to sign in with a preferred user name" and the user name is case-sensitive. The user *does *exist in the user pool and the name I'm passing *does *exactly match (with the correct case) the stored name.

I'm pretty sure it's nothing to do with the *setup *of my user pool, as other user names work fine. And I'm pretty sure that the name satisfies the regular expression pattern (I've used a RegEx checker to confirm this). Passing this same name to other Cognito functions (for example, InitiateAuthRequest) works fine. Is this a bug in AdminUpdateUserAttributes, or am I doing something wrong? The only thing I can see that might be causing an issue is that the RegEx parsing for this user name results in two matches, rather than one...

Thank you

Liam

Topics
Security, Identity, & Compliance
Tags
Amazon Cognito
Language
English
Liam
asked 16 days ago55 views
1 Answer
0

The error message you're receiving, "INVALID_PARAMETER 1 validation error detected: Value at 'username' failed to satisfy constraint: Member must satisfy regular expression pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+", is indicating that the username you're trying to update does not match the required pattern.

The regular expression [\p{L}\p{M}\p{S}\p{N}\p{P}]+ is a Unicode-aware pattern that matches one or more characters of the following types:

  • \p{L}: Any letter character from any language
  • \p{M}: Any spacing or combining mark character
  • \p{S}: Any symbol character
  • \p{N}: Any numeric character
  • \p{P}: Any punctuation character

The issue you're facing is likely due to the presence of the parentheses () in the username. The parentheses are not considered valid characters in the regular expression pattern.

To resolve this issue, you can try the following:

  1. Modify the username format: Consider modifying the format of the username to remove the parentheses, such as "Bill_Admin" instead of "Bill (Admin)". This should allow the AdminUpdateUserAttributes operation to succeed.

  2. Use a different attribute: Instead of updating the username, you can try updating a different user attribute, such as the preferred_username attribute, which may have a different validation pattern.

  3. Perform a workaround: As a workaround, you could first use the AdminGetUser operation to retrieve the current user attributes, then use AdminUpdateUserAttributes to update the desired attributes, excluding the username.

Here's an example of how you could perform the workaround:

// Retrieve the current user attributes
GetUserResponse getUserResponse = cognitoIdentityProvider.AdminGetUser(GetUserRequest()
    .WithUsername(username)
    .WithUserPoolId(userPoolId));

// Update the desired attributes, excluding the username
UpdateUserAttributesRequest updateRequest;
updateRequest.SetUserAttributes(getUserResponse.GetUser().GetAttributes());
// Modify the desired attributes here
updateRequest.SetUserPoolId(userPoolId);
updateRequest.SetUsername(username);

// Update the user attributes
UpdateUserAttributesOutcome updateOutcome = cognitoIdentityProvider.AdminUpdateUserAttributes(updateRequest);

If none of these approaches work, you may need to consider contacting AWS Support to investigate further or provide feedback on the SDK behavior.

AWS
JonQ
answered 15 days ago
  • Liam
    15 days ago

    Hello JonQ, Thanks for your detailed answer. This is actually in some test code I'm writing, so fortunately I don't need to update any existing users, but I would rather not have to exclude parentheses when a new user enters their name unless I have to; it seems an unnecessary limitation for my users. I'm not sure the parentheses themselves are the problem, anyway - I would have thought they were covered by \p{S} or \p{P}. And if I exclude the space (i.e. use "Name(Details)" , then Cognito doesn't have a problem with the name. Looks like I'm going to have to report this as a possible bug... Thanks Liam

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content