Passer au contenu
En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post
À propos de re:Post

Duplicate User Entries Issue in Amazon Cognito

0

We are using Amazon Cognito as our identity management solution for user registration and authentication. Our requirement is to ensure that each user is uniquely identified by their email address. However, we have noticed that when a user registers using their email, and subsequently registers again using social identity providers such as Google or Facebook, it creates duplicate entries in our user pool, causing data inconsistency.

Issue Description: The problem arises when a user first registers with their email, and later decides to sign in using either Google or Facebook. Instead of updating the existing user entry with the new identity provider, a new user entry is created, leading to multiple accounts for the same email address.

Expected Behavior: We expect Amazon Cognito to identify that the email address is already registered and update the user entry with the additional identity provider data, rather than creating a new entry.

Sujets
Sécurité, identité et conformité
Balises
Amazon Cognito
Langue
English
demandé il y a 2 ans1,3 k vues
2 réponses
1

Hi, to avoid this, customers usually us the Cognito pre-sign up trigger with a Lambda taking appropriate action based on requirements: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html

There is a good Github repo with sample code: https://github.com/vhalbuquerque/pre-signup-lambda

Best, Didier

EXPERT
répondu il y a 2 ans
EXPERT
vérifié il y a 2 ans
  • Mikel Del Tio EXPERT
    il y a 2 ans

    Just mention that the provided example ensures that there are no duplicates entries in the user pool, but it does not allow a user to access with the same email from different identity providers.

0

Thank you for your response. While your solution to preventing duplicate entries in Amazon Cognito is helpful, our specific requirement involves handling social identity provider logins and ensuring a single user entry with multiple linked identities.

We've identified that our issue arises when a user registers with their email and later signs in using social identity providers like Google or Facebook.

So how we can resolve this ?

répondu il y a 2 ans
  • Mikel Del Tio EXPERT
    il y a 2 ans

    Hi,

    According to the AWS documentation, you can link multiple identity providers (IdPs) to the same user profile in your Cognito directory, usually by automating the AdminLinkProviderForUser action on the pre-signup Lambda trigger, but you will always find both the linked local user and the automatically-created federated user when you search users in your user pool.

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Contenus pertinents