amazon-web-services amazon-cognito aws-lambda

How to get the Cognito Identity id in AWS Lambda

How can I get the identity id of the user (logged in by AWS Cognito) that invoked an AWS Lambda function? Do I have to use the SDK on the Lambda function to get the identity id?

Solution

Per the docs, it looks like information about the identity provider would only be available for an invoke through the Mobile SDK.

To get around this, one option is to pass the identity ID to the function manually as part of the event. Assuming you are doing something like AWS.config.credentials = new AWS.CognitoIdentityCredentials(...) then you should be able to get the ID via AWS.config.credentials.identityId (after the credentials are refreshed).

EDIT: A better option for identity validation is to let Cognito/IAM handle it, and assume that if a user can successfully invoke a Lambda function, that means they are allowed to. In this case to manage per-user validation, take a look at whitelisting.

AWS Cloudwatch agent config file removed after startup
AWS lambda SQS does not allow to process 1 message per 1 invocation
How can I create a TLS/SSL connection to a mongodb instance on AWS with a certificate made by certificate manager? Health check failed
Cloudfront redirect when signed cookies not present
AWS Lambda and DynamoDB - updatetItem is not a function
AWS ElasticBeanstalk EC2 Termination Protection
Allowing AWS Cognito Users to authentication to JIRA via SAML/SSO (Domain Not found)
Install pgAgent on AWS RDS for Postgres
Row was updated or deleted by another transaction (or unsaved-value mapping was incorrect)
List all parameters in AWS SSM Parameter Store
AWS push_down_predicate not working with DynamoDb
localstack AWS S3 javascript error : getaddrinfo ENOTFOUND bucketname.localhost
AWS ECS agent won't start
AWS VPC (Virtual Private Cloud), rapidly increasing expenses
SemaphoreCI OIDC AWS connection
Can't delete AWS internet Gateway
How to provide multiple StringNotEquals conditions in AWS policy?
Not able to get ECS fargate metrics on Datadog
502 "Internal Server Error" with API Gateway + Lambda when deploying
Java Springboot application not able to connect to AWS Elasticache Valkey Cache (Serverless)
Splitting PDF with PyPDF2 in Lambda function
"libdbus-glib-1.so.2: cannot open shared object file: No such file or directory"
Partial credentials found in env, missing: AWS_SECRET_ACCESS_KEY
Best way to store Firebase admin private key file for AWS lambda
AWS Elastic Beanstalk and Secret Manager
Unable to upload data using sagemaker_session.upload_data in s3 bucket that I created, it is getting stored in default s3 bucket
Parse Aws IoT message in python
How to temporarily switch profiles for AWS CLI?
Python Sqlalchemy insert data into AWS Redshift
Using AWS Bedrock Prompt Management with InvokeCommand