2 個答案
- 最新
- 最多得票
- 最多評論
0
Hi.I hope this link will help you.(written in Japanese so please translate it.)
https://dev.classmethod.jp/articles/how-to-check-the-cognito-authentication-log/
it says you can not get username but usersub(user id) from InitiateAuth event.
0
I think you have the wrong event. Here is what a successful login looks like (an unsuccessful login includes an "errorCode": "NotAuthorizedException"
attribute):
{
"eventVersion": "1.08",
"userIdentity": {
"type": "Unknown",
"principalId": "Anonymous"
},
"eventTime": "2023-08-23T20:44:04Z",
"eventSource": "cognito-idp.amazonaws.com",
"eventName": "RespondToAuthChallenge",
"awsRegion": "us-east-1",
"sourceIPAddress": "<snip --X-- snip>",
"userAgent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36",
"requestParameters": {
"clientId": "<snip --X-- snip>",
"challengeName": "PASSWORD_VERIFIER",
"challengeResponses": "HIDDEN_DUE_TO_SECURITY_REASONS",
"clientMetadata": {}
},
"responseElements": {
"challengeParameters": "HIDDEN_DUE_TO_SECURITY_REASONS",
"authenticationResult": {
"accessToken": "HIDDEN_DUE_TO_SECURITY_REASONS",
"expiresIn": 3600,
"tokenType": "Bearer",
"refreshToken": "HIDDEN_DUE_TO_SECURITY_REASONS",
"idToken": "HIDDEN_DUE_TO_SECURITY_REASONS",
"newDeviceMetadata": {
"deviceKey": "us-east-1_ad4<snip --X-- snip>",
"deviceGroupKey": "<snip --X-- snip>"
}
}
},
"additionalEventData": {
"sub": "<***THIS IS THE COGNITO ID THAT YOU ARE LOOKING FOR IN HERE***>"
},
"requestID": "7a17ea29-1b2b-47f3-be72-d10de8a06aea",
"eventID": "<snip --X-- snip>",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "<snip --X-- snip>",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "cognito-idp.us-east-1.amazonaws.com"
}
}
已回答 9 個月前
相關內容
- AWS 官方已更新 2 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 2 年前
- AWS 官方已更新 1 年前
I followed the instructions by enabling 'advanced security' in the Cognito user pool (which comes at an additional cost of $0.05 per Monthly Active User for the first 50.000). However, this results in usernames being add to the logs ONLY when using the management console to login to your account. Using the hosted UI of the Cognito userpool this has the "HIDDEN_DUE_TO_SECURITY_REASONS" value.