- Newest
- Most votes
- Most comments
- I see that your logs include personal identifiable data. Please consider redacting UserName, name and email from your post.
- The documentation for the admin-get-user API (and others that take the username argument) it says that you can use the sub under the condition that the username isn't an alias attribute in your user pool. I would assume that is what fails you in this case - the sub is not recognized as the username.
I think you have two options from here: Option 1: check the users in your UserPool for what value is stored in the username field. If it is a value that you can retrieve from the request details, provide it in the API call accordingly. Or make sure your UserPool stores a unique value that you can retrieve from the request details, like email. Option 2: use the list-users API and filter for the sub attribute or any other unique identifier you can retrieve from the request details.
(Not sure about the "aws-sdk-unknown-unknown" but should not be relevant for this to otherwise work.)
How did it go? Were you able to resolve the issue?
Even if the user information is fake, it would be better to redact it, replace it with common placeholders (Jon/ Jane Doe, or localized equivalents, with example.com domain) or mask it (g***@.). There is a very small but non-zero chance that a user with these details may exist in the future.
Fixed! As usual devil is in details, I had forgotten to add an important statement after “import boto3”
client = boto3.client(‘cognito-idp’; region_name=‘*****’)
“All is well that ends well!”
Thank you all
Relevant content
- asked 7 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
I will try Option #1, THX As for the personal data, don't worry, they are fake, I edited them before publishing them.