2回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
Hi.I hope this link will help you.(written in Japanese so please translate it.)
https://dev.classmethod.jp/articles/how-to-check-the-cognito-authentication-log/
it says you can not get username but usersub(user id) from InitiateAuth event.
0
I think you have the wrong event. Here is what a successful login looks like (an unsuccessful login includes an "errorCode": "NotAuthorizedException"
attribute):
{
"eventVersion": "1.08",
"userIdentity": {
"type": "Unknown",
"principalId": "Anonymous"
},
"eventTime": "2023-08-23T20:44:04Z",
"eventSource": "cognito-idp.amazonaws.com",
"eventName": "RespondToAuthChallenge",
"awsRegion": "us-east-1",
"sourceIPAddress": "<snip --X-- snip>",
"userAgent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36",
"requestParameters": {
"clientId": "<snip --X-- snip>",
"challengeName": "PASSWORD_VERIFIER",
"challengeResponses": "HIDDEN_DUE_TO_SECURITY_REASONS",
"clientMetadata": {}
},
"responseElements": {
"challengeParameters": "HIDDEN_DUE_TO_SECURITY_REASONS",
"authenticationResult": {
"accessToken": "HIDDEN_DUE_TO_SECURITY_REASONS",
"expiresIn": 3600,
"tokenType": "Bearer",
"refreshToken": "HIDDEN_DUE_TO_SECURITY_REASONS",
"idToken": "HIDDEN_DUE_TO_SECURITY_REASONS",
"newDeviceMetadata": {
"deviceKey": "us-east-1_ad4<snip --X-- snip>",
"deviceGroupKey": "<snip --X-- snip>"
}
}
},
"additionalEventData": {
"sub": "<***THIS IS THE COGNITO ID THAT YOU ARE LOOKING FOR IN HERE***>"
},
"requestID": "7a17ea29-1b2b-47f3-be72-d10de8a06aea",
"eventID": "<snip --X-- snip>",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "<snip --X-- snip>",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "cognito-idp.us-east-1.amazonaws.com"
}
}
回答済み 9ヶ月前
関連するコンテンツ
- 質問済み 10ヶ月前
- AWS公式更新しました 2年前
- AWS公式更新しました 1年前
- AWS公式更新しました 2年前
I followed the instructions by enabling 'advanced security' in the Cognito user pool (which comes at an additional cost of $0.05 per Monthly Active User for the first 50.000). However, this results in usernames being add to the logs ONLY when using the management console to login to your account. Using the hosted UI of the Cognito userpool this has the "HIDDEN_DUE_TO_SECURITY_REASONS" value.