- Newest
- Most votes
- Most comments
You can use following code as a workaround to get username from ctx.identity
. At least UI allows to save it and the value is correct.
const username = ctx.identity["username"]
Hi Denver
Look at this documentation here: https://docs.aws.amazon.com/appsync/latest/devguide/resolver-context-reference-js.html#aws-appsync-resolver-context-reference-identity-js
This shows you the structure of the identify object based on the used authentication method, for IAM (as you are using it) - .sub. doesnt exist!
Let me know if that answered your question.
Regards Johannes
@Lockhead certainly is correct in saying that type AppSyncIdentityIAM
does not have a sub
attribute.
However, I run into a similar issue which AFAICT can not be explained in the same way: I am using a Cognito userpool to auth & auth my users and my resolver code looks like this:
import { util } from '@aws-appsync/utils'
export function request(ctx) {
console.log("ctx.identity:", ctx.identity)
return {
operation: 'GetItem',
key: util.dynamodb.toMapValues({ user_id: ctx.identity.username }) # ERROR: see below
}
}
Trying to save this code in the AppSync Resolver online editor (or adding it using some IaC tool) fails with
error TS2339: Property 'username' does not exist on type 'Identity'.
Property 'username' does not exist on type 'AppSyncIdentityOIDC'
NOTE: This is type AppSyncIdentityOIDC
as opposed to AppSyncIdentityIAM
in @Denver's original question - which is not mentioned in the AWS docs linked by @Lockhead.
The console.log
output (in CloudWatch) shows that the username
attribute clearly does exist:
{
"claims": {
... (snipped) ...
},
"defaultAuthStrategy": "ALLOW",
"groups": null,
"issuer": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_(redacted)",
"sourceIp": [
"(redacted)"
],
"sub": "(redacted)",
"username": "(redacted: matches expectation)"
}
So, from where I am standing, this looks like an AWS bug to me.
I am able to work around this using the JSON.parse(JSON.stringify(ctx.identity))
approach @Denver mentioned.
Relevant content
- Accepted Answerasked a year ago
- asked 4 months ago
- asked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 3 years ago
It's very weird that
ctx.identity.username
is not working, but your suggestion is working!