使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post

Amplify - Existing Users In Pool Cannot Authenticate with New REST API (new users can)

0

We recently introduced a new REST api into our amplify application using amplify add api, Restrict API Access? Y, Auth/Guest Users: Authenticated users only, create, read, update, delete.

When I attempt to access the API with a user who registered before the API was introduced, they get an "Error: Request failed with status code 403" response.

When I create a new user, they get a 200 success response.

If I remove "Restrict API Access" everyone can use the API.

How can I resolved this issue for my existing users?

主題
無伺服器前端網頁與行動裝置網路與內容交付安全性、身分識別與合規
標籤
Amazon API GatewayAWS AmplifyAmazon Cognito User Pools
語言
English
Clint
已提問 1 年前檢視次數 376 次
2 個答案
0
已接受的答案

Ok, I found an answer to this. Here's a github issue that amplify-js team was nice enough to field for me.

https://github.com/aws-amplify/amplify-js/issues/11197

Restricting access by "Authenticated user" - "User needs to sign in to use the REST API" will NOT authenticate any users who have been added to a "group". Users in "groups" need to have one or more of their Groups explicitly added to the authentication.

Clint
已回答 1 年前
0

Is it possible you have 2 Cognito user pools? Pool A was created with your original API, and Pool B was created with your new API? That would explain the behavior with existing users. If that is the case, I think you can run amplify import auth and import the first pool.

John Vold
已回答 1 年前
  • Clint
    1 年前

    Thanks for the prompt reply. This is not the case. Both old (Pre-API Deploy) and new (Post-API Deploy) users can log into the app and are contained in the same user pool. I've tried fresh incognito browsers to see if it's cookie or cache related with no help. I'm not clear how authentication is deployed via Amplify in this case. How can I troubleshoot this?

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南

相關內容