Search code examples
tokenamazon-cognitoinsomniaawscognitotoken

Get Cognito token using Insomnia with awscognitotoken plugin

I look for the Authorization token used by Cognito in order to put it in the header of my tests. I need to test some backend API.

I am using Insomnia and the awscognitotoken plugin. However, I fail to configure it in order to get the token. Their usage is not clear to me.

Here is how I configure the awscognitotoken plugin :

  • Function to Perform: AWS Cognito Team - Plugin for insomnia ………
  • Username: the email I use to login to cognito; also tried the cognito username (uuid)
  • Password: the password
  • Region: eu-west-1
  • ClientId: 3t********************dcl5
  • TokenType: access
  • ClientSecret: nothing as none is configured

What I get is:

Error in getting session: 
{ "request":
  { "method":"post",
    "headers":{
      "content-type":"application/x-amz-json-1.1",
      "x-amz-target":"AWSCognitoIdentityProviderService.InitiateAuth"
    },
    "body":"{\"AuthFlow\":\"USER_PASSWORD_AUTH\",\"ClientId\":\"3t***dcl5\",\"AuthParameters\":{\"USERNAME\":\"[email protected]\",\"PASSWORD\":\"<password>\"}}"},
  "status":400
}

Can you spot any error?

Solution

  • Il seems that in my case the problem was that I did not allow the USER_PASSWORD_AUTH in the settings of AWS.

    Here is what I did to allow it:

    • Choose your UserPool
    • General Settings › App Clients › Show details
    • Auth Flows Configuration › check Enable username password based authentication (ALLOW_USER_PASSWORD_AUTH)

    After doing that I've got the token [and I feel stupid].