By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Signing in with social (Google, Facebook) throws error "Already found an entry for username"

0

Currently seeing this issue with the presignup trigger.

Cognito allows you to create social accounts that are disconnected from a cognito native accounts (but with the same email), so to solve that we're automatically creating a cognito native account in the presignup trigger and linking it.

However, when we do this, the first call to authenticate fails with "Already found an entry for username...".

Attempting to login again previously worked as a super hacky workaround, but now even that seems to not be working.

What's going on with this system? We've been using it in production for probably 3-4 years now, and almost have an entirely AWS stack. The difference between EC2 or RDS and Cognito is night and day. There's been almost 0 new features, and there's a massive backlog of issues being raised on forums and on AWSAmplify that are directly related to the Cognito backend.

Can we get an actual response other than "it's on the roadmap"? There's questions about this dating back to 4 years ago, and somehow this isn't even mentioned in the documentation yet.

By the way, here is a fantastic post on a bunch of other issues. Surprise surprise, this ones listed there too:

https://www.reddit.com/r/aws/comments/m77p5g/aws_cognito_amplify_auth_bad_bugged_baffling/

For the record, we're actively looking to move away from Cognito, and we'll likely be taking several other parts of our stack along with it. The product has a lot of potential, but all the problems you need to work around can turn an hour long task into an all day debugging session.

For anyone finding this post that is at the early stages of their Cognito journey I would highly recommend looking at something like Auth0 instead. Don't be fooled by the price, you get what you pay for with Cognito (which is basically nothing)

Topics
Security, Identity, & Compliance
Tags
Amazon Cognito User Pools
Language
English
Harrison
asked 2 years ago499 views
1 Answer
0

We are experiencing the same issue and I can refer to this github issue for detailed description of the issue.

This really needs to be fixed

https://github.com/aws-amplify/amplify-flutter/issues/1716

When using the following PreSignUp lambda function to merge two accounts (OAuth and native cognito accounts), and allow users to use either options to signup, an exception is raised in the login flow, when the user initially creates their account. After the first sign up, the flow works as expected.

There are stackoverflow threads and blog posts on how to work around this issue, e.g. restarting the auth flow, or just not using adminLinkProviderForUser function:

https://stackoverflow.com/questions/47815161/cognito-auth-flow-fails-with-already-found-an-entry-for-username-facebook-10155 https://bobbyhadz.com/blog/aws-cognito-amplify-bad-bugged#oauth-registration-with-amplify My PreSignUp trigger is based on: https://bobbyhadz.com/blog/aws-cognito-link-user-accounts

I use an entire custom flow to replace a password-based login with an OTP flow, based on this aws blog post https://aws.amazon.com/de/blogs/mobile/implementing-passwordless-email-authentication-with-amazon-cognito/

Exception: AuthException(message: invalid_request: Already found an entry for username zPW8WMWZaBQLkE9JRMBkonMdvfI1WJ/Ds0K0pgQTM/g=, recoverySuggestion: Retry the webUi signIn, underlyingException: Der Vorgang konnte nicht abgeschlossen werden. (com.amazon.cognito.AWSCognitoAuthErrorDomain-Fehler -3000.))

Mike
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content