By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Identity not found in GetCredentialsForIdentityRequest

0

Hi all,
I created a SAML Identity Pool in Cognito and tried to get a JWT from a Java fat client.

AmazonCognitoIdentity  client=AmazonCognitoIdentityClientBuilder.standard()
                                  .withRegion(Regions.EU_CENTRAL_1)
                                  .build();
    
    Map<String,String> logins = new HashMap<String,String>();
    logins.put("arn:aws:cognito-identity:eu-central-1:123456789:identitypool/eu-central-1:fxxxxx-bxxx-4xxx-bxxx-1xxxxxxx3", "I wish I was a base64 SAML Assertion");
    
    GetCredentialsForIdentityRequest request=new GetCredentialsForIdentityRequest()
                                                 .withIdentityId("eu-central-1:fxxxx-bxxx-4xxx-xxx-xxxxb6f3")
                                                 .withLogins(logins);
   
    GetCredentialsForIdentityResult result= client.getCredentialsForIdentity(request);

Gave me

 com.amazonaws.services.cognitoidentity.model.ResourceNotFoundException: Identity 'eu-central-1:fxxxx-bxxx-4xxx-xxx-xxxxb6f3' not found. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: ResourceNotFoundException;

I already red about setting the region which I did but without any effect.
We double checked the identity pool id
Any Ideas what could went wrong with my call?

Thanks in advance

Topics
Security, Identity, & Compliance
Tags
Amazon Cognito
Language
English
drdimitri
asked 4 years ago650 views
1 Answer
0

Hi,

the secret has been unveiled. To connect as an anonymous user to a cognito identity pool you need these few lines of code:

AmazonCognitoIdentity  client=AmazonCognitoIdentityClientBuilder
                                  .standard()
                                  .withRegion(Regions.EU_CENTRAL_1)
                                  .withCredentials(new AWSStaticCredentialsProvider(new AnonymousAWSCredentials()))
                                  .build();

    
    Map<String,String> logins = new HashMap<String,String>();
    logins.put("arn:aws:iam::1234567890:saml-provider/my-saml-provider", "A base64 SAML response");
    
    GetIdRequest request = new GetIdRequest()
                                                 .withIdentityPoolId("eu-central-1:7xxxxx-cxxx-xxxx-xxx-xxxxx")
                                                 .withLogins(logins);
   
   GetIdResult result= client.getId(request);

In the logins map you have to put the arn of the SAML provider you created in IAM using the SAML Metadata.

Edited by: drdimitri on Dec 9, 2019 1:50 AM

Edited by: drdimitri on Dec 10, 2019 5:01 AM

drdimitri
answered 4 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content