Closed saharJ95 closed 1 month ago
Hello, @saharJ95 👋 and sorry to hear you're running into this. We may need a little more information on the steps you took to set up Auth to determine why this error is happening. Are you trying to use a custom lambda to send back a message when a user is not in the user pool? Can you share the lambda code, which of the Auth lambdas are causing this, and a little more context there? Also, if you log in with an existing user is everything working just fine?
Hi @cwomack , I am not using any custom code/lambda What I am doing is..
Existing users work fine, I am trying to catch the exceptions although if the useremail or password is incorrect I am getting the correct response from Cognito APIs But in the UserNotFound exception, it returns InvalidLambdaResponseException
hello @saharJ95 . Could you please provide the following information:
signIn
API with an existing user ?Cognito Console
-> User pools
-> User pool properties
-> Lambda triggers
This will help us to determine the root cause of the issue. Usually the InvalidResponseLambdaException
is thrown when the userpool has a lambda trigger that is missconfigured.
Hi @israx ,
Created an identity pool and imported amplify config to my existing project.
As I mentioned, the Existing user sign works fine, wrong password exception works fine. Issue is when the email is incorrect or the user doesn't exist
Furthermore, I am getting this exception after migrating to amplify v6
Hello @saharJ95 . Thank you for providing all the feedback. I see you have set a pre authentication lambda
trigger which can be used to perform extra validation before authenticating a user. So based on the lambda docs we have that
Note This Lambda trigger doesn't activate when a user doesn't exist, or already has an existing session in your user pool. If the PreventUserExistenceErrors setting of a user pool app client is set to ENABLED, then the Lambda trigger will activate.
So the reason you are getting the InvalidLambdaResponseException
error is because your user pool has activated the PreventUserExistenceErrors
setting. This setting can be located at Cognito console
-> user pools -> App integration
-> App client list
-> App client information
-> edit -> Prevent user existence errors
.
In order to solve your issue you could do the following:
Prevent user existence errors
setting - NOT RECOMMENDED Pre authentication lambda
and throw an specific error - RECOMMENDED I highly recommend not disabling the Prevent user existence errors
setting. This will help you to prevent user enumeration errors.
Hi @israx , Thank you for your quick response. I fixed the pre auth lambda with the proper exception and it works fine .
Thanks :)
Before opening, please confirm:
JavaScript Framework
React
Amplify APIs
Authentication
Amplify Version
v6
Amplify Categories
auth
Backend
None
Environment information
Describe the bug
Using Cognito User Pool
Getting InvalidLambdaResponseException: Invalid lambda function output : Invalid JSON when the user doesnot exisit in pool or deleted
Expected behavior
Response should be User not Found with defined code
Reproduction steps
login with non exsisting users
Code Snippet
Log output
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response