ConfirmDevice function not working with React JS code with serverless

0

I am getting this

API Error: InvalidParameterException: Found negative value for salt or password verifier. I tried to follow many approaches but not able to solve it.

FYI: I am trying this with Postman API calls, so I am able to sign-in, & authorize by API and getting accessToken very well as well as able to do MFA challange too in API, but as soon as I call the confirmDevice function it never works. I tried this approach too https://repost.aws/knowledge-center/cognito-user-pool-remembered-devices but not able to get how this forumula works For PasswordVerifier PasswordVerifier = g( SHA256_HASH(salt + FULL_PASSWORD) ) (mod N)

asked 9 months ago276 views
1 Answer
0

Hello,

I understand that you are facing an error (InvalidParameterException: Found negative value for salt or password verifier) while trying to call the ConfirmDevice API and you want some insight into the PasswordVerifier formula.

This error usually occurs in the following use cases:

1→ Using old version of Amplify. If you are using Amplify and an old version, you might run into this error. Further details can be read here [2] on this Github issue.

2→ The calculated password verifier value/ salt value is incorrect. With the DeviceGroupKey and DeviceKey, you would have to use the Secure Remote Password (SRP) protocol to create a secret. This generates a salt and a password verifier. The formula for password verifier would be as follows: => PasswordVerifier = g( SHA256_HASH(salt + FULL_PASSWORD) ) (mod N)

Note: for the values of g and N refer the documentation

[+] https://github.com/aws-amplify/amplify-js/blob/master/packages/amazon-cognito-identity-js/src/AuthenticationHelper.js#L57

The article below discusses the same issue and has an elaborate details regarding the issue. Please go through the article for further insight into the issue.

[+] https://repost.aws/questions/QUp7x1PyHdSC6wKCAkmKZYGA/aws-cognito-deviceconfirm-sending-invalidparameterexception-found-negative-value-for-salt-or-password-verifier

That being said, to further look into this issue more closely, if you would like to do a resource based troubleshooting, please raise a support case with AWS for further information. If a support case has already been created please be assured that we will get back to you and assist you in the best way possible.

[+] https://console.aws.amazon.com/support/home#/case/create

AWS
Shreeya
answered 9 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions