
Passwordless authentication flow using Cognito & API Gateway & Lambda (Python)


I've been trying to implement passwordless authentication using AWS Cognito & API Gateway & Lambda (Python).

I have followed these articles: https://medium.com/digicred/password-less-authentication-in-cognito-cafa016d4db7 https://medium.com/@pjatocheseminario/passwordless-api-using-cognito-and-serverless-framework-7fa952191352

I have configured Cognito (to accept CUSTOM_AUTH), added the Lambdas, and created the API endpoints:

/sign-up
/initiate-auth (aka initiate login)
/respond-to-auth-challenge (aka verify login)

When calling initiateAuth I receive the following response: "An error occurred (NotAuthorizedException) when calling the InitiateAuth operation: Incorrect username or password."

I'm using CUSTOM_AUTH, which doesn't require a password, and the username is definitely correct because it actually initiates the authentication flow and I receive a code. However, because boto3 doesn't respond with a session, I can't continue the authentication.

This is how I call Cognito:

res = cognito.initiate_auth(
    ClientId=client_id,
    AuthFlow="CUSTOM_AUTH",
    AuthParameters={
        "USERNAME": email,
        "PASSWORD": random_password,
    },
)

It's probably something small I'm missing but I can't figure out what.


Solution

  • I was facing the same error, and I think that the error message is misleading. When you do not respond correctly in the Create-Auth-Challenge Lambda, you will get this error. So make sure everything is right in your Lambda.
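
To illustrate the trigger responses the answer refers to, here is an added example (not code from the question, the answer or the linked articles) of Define, Create and Verify Auth Challenge handlers that fill in the response fields Cognito reads and return the event. The `send_code` hook, the `"answer"` key, the `"EMAIL_CODE"` metadata value and the three-attempt limit are assumptions made for the example.

```python
import hmac
import secrets

def define_auth_challenge(event, context=None):
    """Decide the next step from the challenge history in request.session."""
    session = event["request"].get("session") or []
    resp = event["response"]
    if session and session[-1].get("challengeResult") is True:
        resp.update(issueTokens=True, failAuthentication=False)
    elif len(session) >= 3:  # assumed limit: three wrong answers end the flow
        resp.update(issueTokens=False, failAuthentication=True)
    else:
        resp.update(issueTokens=False, failAuthentication=False,
                    challengeName="CUSTOM_CHALLENGE")
    return event  # the trigger must hand the modified event back

def create_auth_challenge(event, context=None, send_code=lambda email, code: None):
    """Generate a one-time code and set all three response fields."""
    if event["request"].get("challengeName") == "CUSTOM_CHALLENGE":
        email = event["request"]["userAttributes"]["email"]
        code = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, not random
        send_code(email, code)  # hypothetical delivery hook (e-mail, SMS, ...)
        # Public parameters are returned to the client: never put the code here.
        event["response"]["publicChallengeParameters"] = {"email": email}
        # Private parameters are only passed on to the verify trigger.
        event["response"]["privateChallengeParameters"] = {"answer": code}
        event["response"]["challengeMetadata"] = "EMAIL_CODE"
    return event

def verify_auth_challenge(event, context=None):
    """Compare the submitted answer with the stored one in constant time."""
    expected = event["request"]["privateChallengeParameters"]["answer"]
    given = str(event["request"].get("challengeAnswer", ""))
    event["response"]["answerCorrect"] = hmac.compare_digest(
        expected.encode(), given.encode())
    return event

if __name__ == "__main__":
    # Constructed sample event, shaped like a Create Auth Challenge invocation.
    sample = {"request": {"challengeName": "CUSTOM_CHALLENGE", "session": [],
                          "userAttributes": {"email": "user@example.com"}},
              "response": {}}
    out = create_auth_challenge(sample, send_code=lambda e, c: print("send", e, c))
    print(sorted(out["response"]))
```
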