Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Identity not found in GetCredentialsForIdentityRequest

0

Hi all,
I created a SAML Identity Pool in Cognito and tried to get a JWT from a Java fat client.

AmazonCognitoIdentity  client=AmazonCognitoIdentityClientBuilder.standard()
                                  .withRegion(Regions.EU_CENTRAL_1)
                                  .build();
    
    Map<String,String> logins = new HashMap<String,String>();
    logins.put("arn:aws:cognito-identity:eu-central-1:123456789:identitypool/eu-central-1:fxxxxx-bxxx-4xxx-bxxx-1xxxxxxx3", "I wish I was a base64 SAML Assertion");
    
    GetCredentialsForIdentityRequest request=new GetCredentialsForIdentityRequest()
                                                 .withIdentityId("eu-central-1:fxxxx-bxxx-4xxx-xxx-xxxxb6f3")
                                                 .withLogins(logins);
   
    GetCredentialsForIdentityResult result= client.getCredentialsForIdentity(request);

Gave me

 com.amazonaws.services.cognitoidentity.model.ResourceNotFoundException: Identity 'eu-central-1:fxxxx-bxxx-4xxx-xxx-xxxxb6f3' not found. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: ResourceNotFoundException;

I already red about setting the region which I did but without any effect.
We double checked the identity pool id
Any Ideas what could went wrong with my call?

Thanks in advance

Themen
Sicherheit, Identität & Konformität
Tags
Amazon Cognito
Sprache
English
drdimitri
gefragt vor 4 Jahren660 Aufrufe
1 Antwort
0

Hi,

the secret has been unveiled. To connect as an anonymous user to a cognito identity pool you need these few lines of code:

AmazonCognitoIdentity  client=AmazonCognitoIdentityClientBuilder
                                  .standard()
                                  .withRegion(Regions.EU_CENTRAL_1)
                                  .withCredentials(new AWSStaticCredentialsProvider(new AnonymousAWSCredentials()))
                                  .build();

    
    Map<String,String> logins = new HashMap<String,String>();
    logins.put("arn:aws:iam::1234567890:saml-provider/my-saml-provider", "A base64 SAML response");
    
    GetIdRequest request = new GetIdRequest()
                                                 .withIdentityPoolId("eu-central-1:7xxxxx-cxxx-xxxx-xxx-xxxxx")
                                                 .withLogins(logins);
   
   GetIdResult result= client.getId(request);

In the logins map you have to put the arn of the SAML provider you created in IAM using the SAML Metadata.

Edited by: drdimitri on Dec 9, 2019 1:50 AM

Edited by: drdimitri on Dec 10, 2019 5:01 AM

drdimitri
beantwortet vor 4 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt