Cognito user migrate lambda runs successful, but in amplify login forms it states invalid username/ psw combination

Hi, I have configured a migrate user lambda trigger in my Cognito user pool. It gets called when a user logs in and it returns successfully when it a user/psw can be validated against a rest service. However in the amplify UI, I get NotAuthorizedException: Incorrect username or password and also the user is not properly created in the Cognito pool. I assigned the lambda 512 MB of memory and timeout 30 seconds. I gave it cognito full acces in IAM (probably not needed) Maybe the result i return from the lambda is not correct. But I double checked it with the docs.

The return value of lambda :

{
   "version":"1",
   "triggerSource":"UserMigration_Authentication",
   "region":"eu-central-1",
   "userPoolId":"<mypoolid>",
   "userName":"stijn2",
   "callerContext":{
      "awsSdkVersion":"aws-sdk-unknown-unknown",
      "clientId":"*****<myCliendId>*****"
   },
   "request":{
      "password":"myPSW",
      "validationData":{
         "myCustomKey":"myCustomValue"
      },
      "userAttributes":"None"
   },
   "response":{
      "userAttributes":{
         "email":"stijn2@someprovider.be",
         "email_verified":"true",
         "username":"stijn2"
      },
      "forceAliasCreation":"None",
      "enableSMSMFA":"None",
      "finalUserStatus":"CONFIRMED",
      "messageAction":"SUPPRESS",
      "desiredDeliveryMediums":"None"
   }
}

The Python lambda code :

import json
import logging
import os
import requests
import urllib.parse
import boto3

logger = logging.getLogger()
logger.setLevel(logging.INFO)

def lambda_handler(event, context):
    logger.info(event)
    event["response"]["userAttributes"] = {}
    
    if event["triggerSource"] == "UserMigration_Authentication":
        result = auth_user(event["userName"], event["request"]["password"])
        if result:
          if "email" in result:
              event["response"]["userAttributes"]["email"] = result["email"]
              event["response"]["userAttributes"]["email_verified"] = "true"
          event["response"]["finalUserStatus"] = "CONFIRMED"
    elif event["triggerSource"] == "UserMigration_ForgotPassword":
        result = find_user(event["userName"] )
        if result:
          if "email" in result:
              event["response"]["userAttributes"]["email"] = result["email"]
              event["response"]["userAttributes"]["email_verified"] = "true"
          
    event["response"]["userAttributes"]["username"] = event["userName"]          
    event["response"]["messageAction"] = "SUPPRESS"

    logger.info("Lambda return value event {}".format(event))
    return event
    
def auth_user(userName, password):
   params = {"userName": userName, "plainTextPsw": password}        
   querystring = urllib.parse.urlencode(params)
   url = "{}/login?{}".format(os.environ.get("REDWOOD_LOGIN_URL"), querystring)
   response = requests.get(url)
   response_json = response.json()
   logger.info("redwood auth_user response: {}".format(response_json)) 
   
   return response_json
   
def find_user(userName):
   params = {"userName": userName}        
   querystring = urllib.parse.urlencode(params)
   url = "{}/user-by-principal?{}".format(os.environ.get("REDWOOD_LOGIN_URL"), querystring)
   response = requests.get(url)
   response_json = response.json()
   logger.info("redwood find_user response: {}".format(response_json)) 
   
   return response_json