1 回答
- 最新
- 投票最多
- 评论最多
0
The fact that the User Pool is "connected" to the Identity Pool only means that the Identity Pool will consider trusted any valid Identity Token issued by the User Pool and provided as part of the Auth.currentAuthenticatedUser();
to retrieve AWS credentials.
But this does not allow the client to understand to which Identity pool it has to communicate to with the Identity Token it received from the User Pool. You are missing a configuration and therefore got this error.
You can find an example for Javascript at: https://docs.amplify.aws/lib/auth/advanced/q/platform/js/#subscribing-events
import { Auth } from 'aws-amplify';
// To derive necessary data from the provider
const {
token, // the token you get from the provider
domainOrProviderName, // Either the domain of the provider(e.g. accounts.your-openid-provider.com) or the provider name, for now the library only supports 'google', 'facebook', 'amazon', 'developer'
expiresIn, // the time in ms which describes how long the token could live
user, // the user object you defined, e.g. { username, email, phone_number }
identity_id // Optional, the identity id specified by the provider
} = getFromProvider(); // arbitrary function
Auth.federatedSignIn(
domain,
{
token,
identity_id, // Optional
expires_at: expiresIn * 1000 + new Date().getTime() // the expiration timestamp
},
user
).then(cred => {
// If success, you will get the AWS credentials
console.log(cred);
return Auth.currentAuthenticatedUser();
}).then(user => {
// If success, the user object you passed in Auth.federatedSignIn
console.log(user);
}).catch(e => {
console.log(e)
});
as you can see identity_id
must be set for the client to know with which Identity Pool to communicate.
已回答 1 年前
相关内容
- AWS 官方已更新 2 年前