Auth.confirmSignIn throws "Invalid device key given."

gabrielmaldi commented 3 years ago

Before opening, please confirm:

[X] I have searched for duplicate or closed issues and discussions.
[X] I have read the guide for submitting bug reports.
[X] I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.

JavaScript Framework

Angular

Amplify APIs

Authentication

Amplify Categories

auth

Environment information

``` System: OS: macOS 11.4 CPU: (8) arm64 Apple M1 Memory: 111.47 MB / 16.00 GB Shell: 3.2.2 - /usr/local/bin/fish Binaries: Node: 16.3.0 - /usr/local/bin/node npm: 7.6.0 - /opt/homebrew/bin/npm Browsers: Chrome: 91.0.4472.106 Chrome Canary: 93.0.4545.2 Edge: 91.0.864.53 Firefox: 89.0 Safari: 14.1.1 Safari Technology Preview: 14.2 npmPackages: @angular-builders/custom-webpack: ^11.1.1 => 11.1.1 @angular-devkit/build-angular: ~0.1100.1 => 0.1100.7 @angular-eslint/eslint-plugin: ~1.0.0 => 1.0.0 @angular-eslint/eslint-plugin-template: ~1.0.0 => 1.0.0 @angular-eslint/template-parser: ~1.0.0 => 1.0.0 @angular-material-components/color-picker: ^5.0.2 => 5.0.2 @angular/animations: ^11.0.0 => 11.2.7 @angular/animations/browser: undefined () @angular/animations/browser/testing: undefined () @angular/cdk: ^11.0.0 => 11.2.6 @angular/cdk/a11y: undefined () @angular/cdk/accordion: undefined () @angular/cdk/bidi: undefined () @angular/cdk/clipboard: undefined () @angular/cdk/coercion: undefined () @angular/cdk/collections: undefined () @angular/cdk/drag-drop: undefined () @angular/cdk/keycodes: undefined () @angular/cdk/layout: undefined () @angular/cdk/observers: undefined () @angular/cdk/overlay: undefined () @angular/cdk/platform: undefined () @angular/cdk/portal: undefined () @angular/cdk/scrolling: undefined () @angular/cdk/stepper: undefined () @angular/cdk/table: undefined () @angular/cdk/testing: undefined () @angular/cdk/testing/protractor: undefined () @angular/cdk/testing/testbed: undefined () @angular/cdk/text-field: undefined () @angular/cdk/tree: undefined () @angular/cli: ~11.0.0 => 11.0.7 @angular/common: ^11.0.0 => 11.2.7 @angular/common/http: undefined () @angular/common/http/testing: undefined () @angular/common/testing: undefined () @angular/common/upgrade: undefined () @angular/compiler: ^11.0.0 => 11.2.7 @angular/compiler-cli: ^11.0.0 => 11.2.7 @angular/compiler/testing: undefined () @angular/core: ^11.0.0 => 11.2.7 @angular/core/testing: undefined () @angular/flex-layout: 11.0.0-beta.33 => 11.0.0-beta.33 @angular/flex-layout/core: undefined () @angular/flex-layout/extended: undefined () @angular/flex-layout/flex: undefined () @angular/flex-layout/grid: undefined () @angular/flex-layout/server: undefined () @angular/forms: ^11.0.0 => 11.2.7 @angular/language-service: ^11.0.0 => 11.2.7 @angular/localize: ^11.0.0 => 11.2.7 @angular/localize/init: undefined () @angular/material: ^11.0.0 => 11.2.6 @angular/material/autocomplete: undefined () @angular/material/autocomplete/testing: undefined () @angular/material/badge: undefined () @angular/material/badge/testing: undefined () @angular/material/bottom-sheet: undefined () @angular/material/bottom-sheet/testing: undefined () @angular/material/button: undefined () @angular/material/button-toggle: undefined () @angular/material/button-toggle/testing: undefined () @angular/material/button/testing: undefined () @angular/material/card: undefined () @angular/material/card/testing: undefined () @angular/material/checkbox: undefined () @angular/material/checkbox/testing: undefined () @angular/material/chips: undefined () @angular/material/chips/testing: undefined () @angular/material/core: undefined () @angular/material/core/testing: undefined () @angular/material/datepicker: undefined () @angular/material/datepicker/testing: undefined () @angular/material/dialog: undefined () @angular/material/dialog/testing: undefined () @angular/material/divider: undefined () @angular/material/divider/testing: undefined () @angular/material/expansion: undefined () @angular/material/expansion/testing: undefined () @angular/material/form-field: undefined () @angular/material/form-field/testing: undefined () @angular/material/form-field/testing/control: undefined () @angular/material/grid-list: undefined () @angular/material/grid-list/testing: undefined () @angular/material/icon: undefined () @angular/material/icon/testing: undefined () @angular/material/input: undefined () @angular/material/input/testing: undefined () @angular/material/list: undefined () @angular/material/list/testing: undefined () @angular/material/menu: undefined () @angular/material/menu/testing: undefined () @angular/material/paginator: undefined () @angular/material/paginator/testing: undefined () @angular/material/progress-bar: undefined () @angular/material/progress-bar/testing: undefined () @angular/material/progress-spinner: undefined () @angular/material/progress-spinner/testing: undefined () @angular/material/radio: undefined () @angular/material/radio/testing: undefined () @angular/material/select: undefined () @angular/material/select/testing: undefined () @angular/material/sidenav: undefined () @angular/material/sidenav/testing: undefined () @angular/material/slide-toggle: undefined () @angular/material/slide-toggle/testing: undefined () @angular/material/slider: undefined () @angular/material/slider/testing: undefined () @angular/material/snack-bar: undefined () @angular/material/snack-bar/testing: undefined () @angular/material/sort: undefined () @angular/material/sort/testing: undefined () @angular/material/stepper: undefined () @angular/material/stepper/testing: undefined () @angular/material/table: undefined () @angular/material/table/testing: undefined () @angular/material/tabs: undefined () @angular/material/tabs/testing: undefined () @angular/material/toolbar: undefined () @angular/material/toolbar/testing: undefined () @angular/material/tooltip: undefined () @angular/material/tooltip/testing: undefined () @angular/material/tree: undefined () @angular/material/tree/testing: undefined () @angular/platform-browser: ^11.0.0 => 11.2.7 @angular/platform-browser-dynamic: ^11.0.0 => 11.2.7 @angular/platform-browser-dynamic/testing: undefined () @angular/platform-browser/animations: undefined () @angular/platform-browser/testing: undefined () @angular/router: ^11.0.0 => 11.2.7 @angular/router/testing: undefined () @angular/router/upgrade: undefined () @biesbjerg/ngx-translate-extract: 7.0.4 => 7.0.4 @ngx-pwa/local-storage: ^11.1.0 => 11.1.0 @ngx-translate/core: ^13.0.0 => 13.0.0 @ngx-translate/http-loader: ^6.0.0 => 6.0.0 @nrwl/angular: 11.2.0 => 11.2.0 @nrwl/angular/testing: undefined () @nrwl/cli: 11.2.0 => 11.2.0 @nrwl/eslint-plugin-nx: 11.2.0 => 11.2.0 @nrwl/jest: 11.2.0 => 11.2.0 @nrwl/tao: 11.2.0 => 11.2.0 @nrwl/workspace: 11.2.0 => 11.2.0 @openapitools/openapi-generator-cli: ^2.2.2 => 2.2.4 @swimlane/dragula: 3.8.0 => 3.8.0 @swimlane/ngx-charts: 16.0.0 => 16.0.0 @swimlane/ngx-datatable: ^19.0.0 => 19.0.0 @swimlane/ngx-dnd: 9.0.0 => 9.0.0 @types/jest: 26.0.8 => 26.0.8 @types/node: 12.12.38 => 12.12.38 (12.12.50) @types/prismjs: 1.16.2 => 1.16.2 @typescript-eslint/eslint-plugin: 4.3.0 => 4.3.0 @typescript-eslint/parser: 4.3.0 => 4.3.0 angular-in-memory-web-api: ^0.11.0 => 0.11.0 aws-amplify: ^4.1.1 => 4.1.1 codelyzer: ^6.0.0 => 6.0.1 del: ^6.0.0 => 6.0.0 (4.1.1) dotenv: 6.2.0 => 6.2.0 eslint: 7.10.0 => 7.10.0 eslint-config-prettier: 6.0.0 => 6.0.0 eslint-plugin-unused-imports: ^1.1.1 => 1.1.1 html-minifier: ^4.0.0 => 4.0.0 husky: ^4.3.8 => 4.3.8 jest: 26.2.2 => 26.2.2 jest-preset-angular: 8.3.2 => 8.3.2 lib: 0.0.1 lint-staged: ^10.5.3 => 10.5.4 marked: ^2.0.3 => 2.0.3 moment-timezone: ^0.5.33 => 0.5.33 ng-recaptcha: ^7.0.1 => 7.0.1 ngx-cookie-service: ^11.0.0 => 11.0.2 ngx-mask: ^12.0.0 => 12.0.0 perfect-scrollbar: 1.5.0 => 1.5.0 prettier: 2.2.1 => 2.2.1 prismjs: 1.22.0 => 1.22.0 rxjs: ~6.6.3 => 6.6.7 (6.6.3) rxjs/ajax: undefined () rxjs/fetch: undefined () rxjs/internal-compatibility: undefined () rxjs/operators: undefined () rxjs/testing: undefined () rxjs/webSocket: undefined () swiper: ^6.5.6 => 6.5.6 swiper/a11y: undefined () swiper/autoplay: undefined () swiper/bundle: undefined () swiper/controller: undefined () swiper/core: undefined () swiper/effect-coverflow: undefined () swiper/effect-cube: undefined () swiper/effect-fade: undefined () swiper/effect-flip: undefined () swiper/hash-navigation: undefined () swiper/history: undefined () swiper/keyboard: undefined () swiper/lazy: undefined () swiper/mousewheel: undefined () swiper/navigation: undefined () swiper/pagination: undefined () swiper/parallax: undefined () swiper/react: undefined () swiper/scrollbar: undefined () swiper/svelte: undefined () swiper/thumbs: undefined () swiper/types: undefined () swiper/virtual: undefined () swiper/vue: undefined () swiper/zoom: undefined () swiper_angular: undefined () ts-jest: 26.4.0 => 26.4.0 ts-node: ~9.1.1 => 9.1.1 tslib: ^2.0.0 => 2.1.0 (1.14.1, 2.0.3, 1.13.0) tslint: ~6.1.0 => 6.1.3 typescript: ~4.0.3 => 4.0.7 (4.0.5) web-animations-js: ^2.3.2 => 2.3.2 zone.js: ^0.10.2 => 0.10.3 npmGlobalPackages: npm: 7.6.0 prettier: 2.3.1 svgexport: 0.4.2 ```

Describe the bug

This issue is a continuation of #2087 which was closed. In that issue, a user stated that the answer to an AWS ticket was:

The reason behind the ‘InvalidParameterException’ with the message 'Invalid device key given’ while using the ‘USER_PASSWORD_AUTH’ auth flow is that the ‘USER_PASSWORD_AUTH’ does not accept any parameter named device key. Thus, it is not a valid parameter. The device key parameter can only be used with 'USER_SRP_AUTH' and ‘CUSTOM_AUTH’ auth flow.

But I just tested signing in using USER_PASSWORD_AUTH which ran my Lambda trigger migration to create the Cognito user, and Amplify sent this request (after successful migration + sign in):

x-amz-target: AWSCognitoIdentityProviderService.ConfirmDevice

{
    "DeviceKey": "us-east-1_xxx",
    "AccessToken": "xxx",
    "DeviceSecretVerifierConfig":
    {
        "Salt": "xxx",
        "PasswordVerifier": "xxx"
    },
    "DeviceName": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36"
}

With the response being: 200 — { "UserConfirmationNecessary": false }

Thus, it seems Cognito is correctly processing a confirm device request for USER_PASSWORD_AUTH (I see the device in the user's details in the User Pool).

The error occurs when I enable SMS MFA for the user:

1- InitiateAuth with the user's credentials returns { ChallengeName: "SMS_MFA" } 2- Amplify calls RespondToAuthChallenge with the code the user received via SMS and the response contains { NewDeviceMetadata: { DeviceGroupKey: "xxx", DeviceKey: "xxx" } } 3- Amplify calls ConfirmDevice just like it does in the no-mfa-flow I described above, but this time the response is InvalidParameterException — Invalid device key given.

So, why is Cognito returning an error this time with the same USER_PASSWORD_AUTH flow, with the only difference being MFA? Is this an issue in Cognito or Amplify? It should be possible to use the migration trigger (which requires USER_PASSWORD_AUTH) and also remember devices (which does work except with MFA).

Thanks!

Expected behavior

A migrated user (which requires USER_PASSWORD_AUTH) should be able to sign in using SMS MFA and with remember-devices enabled in the Cognito User Pool. Auth.confirmSignIn should not throw an exception.

Reproduction steps

Configure the User Pool to use USER_PASSWORD_AUTH (so a migration trigger can be used)
Configure the User Pool to remember users' devices
Enable SMS MFA for a user
Try to sign in with the user in a new device (clear localStorage first). This will fail when submitting the code received via SMS.

Code Snippet

import { Auth } from '@aws-amplify/auth';

let user = await Auth.signIn(username, password);
if (user.challengeName == 'SMS_MFA') {
  await Auth.confirmSignIn(user, code, user.challengeName);
}

Log output

``` [DEBUG] 31:56.108 AuthClass - signIn MFA required [DEBUG] 32:08.667 AuthClass - confirm signIn failure {code: "InvalidParameterException", name: "InvalidParameterException", message: "Invalid device key given."} ```

aws-exports.js

No response

Manual configuration

{
    "Auth": {
        "region": "xxx",
        "userPoolId": "xxx",
        "userPoolWebClientId": "xxx",
        "mandatorySignIn": true,
        "authenticationFlowType": "USER_PASSWORD_AUTH"
    }
}

Additional configuration

{
    "UserPool": {
        "Id": "xxx",
        "Name": "xxx",
        "Policies": {
            "PasswordPolicy": {
                "MinimumLength": 8,
                "RequireUppercase": true,
                "RequireLowercase": true,
                "RequireNumbers": true,
                "RequireSymbols": false,
                "TemporaryPasswordValidityDays": 1
            }
        },
        "LambdaConfig": {
            "PreAuthentication": "xxx",
            "UserMigration": "xxx"
        },
        "LastModifiedDate": "2021-06-18T06:02:04.649000-03:00",
        "CreationDate": "2021-04-12T18:25:19.393000-03:00",
        "SchemaAttributes": [
            {
                "Name": "sub",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": false,
                "Required": true,
                "StringAttributeConstraints": {
                    "MinLength": "1",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "name",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "given_name",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "family_name",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "middle_name",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "nickname",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "preferred_username",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "profile",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "picture",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "website",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "email",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "email_verified",
                "AttributeDataType": "Boolean",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false
            },
            {
                "Name": "gender",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "birthdate",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "10",
                    "MaxLength": "10"
                }
            },
            {
                "Name": "zoneinfo",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "locale",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "phone_number",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "phone_number_verified",
                "AttributeDataType": "Boolean",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false
            },
            {
                "Name": "address",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "updated_at",
                "AttributeDataType": "Number",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "NumberAttributeConstraints": {
                    "MinValue": "0"
                }
            },
            {
                "Name": "custom:permissions",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "custom:profile",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            }
        ],
        "AutoVerifiedAttributes": [
            "email"
        ],
        "UsernameAttributes": [
            "email"
        ],
        "SmsVerificationMessage": "Your verification code is {####}. ",
        "EmailVerificationMessage": "Your verification code is {####}. ",
        "EmailVerificationSubject": "Your verification code",
        "VerificationMessageTemplate": {
            "SmsMessage": "Your verification code is {####}. ",
            "EmailMessage": "Your verification code is {####}. ",
            "EmailSubject": "Your verification code",
            "EmailMessageByLink": "Please click the link below to verify your email address. {##Verify Email##} ",
            "EmailSubjectByLink": "Your verification link",
            "DefaultEmailOption": "CONFIRM_WITH_LINK"
        },
        "SmsAuthenticationMessage": "Your verification code is {####}. ",
        "MfaConfiguration": "OPTIONAL",
        "DeviceConfiguration": {
            "ChallengeRequiredOnNewDevice": true,
            "DeviceOnlyRememberedOnUserPrompt": false
        },
        "EstimatedNumberOfUsers": 5,
        "EmailConfiguration": {
            "EmailSendingAccount": "COGNITO_DEFAULT"
        },
        "SmsConfiguration": {
            "SnsCallerArn": "xxx",
            "ExternalId": "xxx"
        },
        "UserPoolTags": {},
        "Domain": "xxx",
        "CustomDomain": "xxx",
        "AdminCreateUserConfig": {
            "AllowAdminCreateUserOnly": true,
            "UnusedAccountValidityDays": 1,
            "InviteMessageTemplate": {
                "SMSMessage": "Your username is {username} and temporary password is {####}. ",
                "EmailMessage": "Your username is {username} and temporary password is {####}. ",
                "EmailSubject": "Your temporary password"
            }
        },
        "UsernameConfiguration": {
            "CaseSensitive": false
        },
        "Arn": "xxx",
        "AccountRecoverySetting": {
            "RecoveryMechanisms": [
                {
                    "Priority": 1,
                    "Name": "verified_email"
                },
                {
                    "Priority": 2,
                    "Name": "verified_phone_number"
                }
            ]
        }
    }
}

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

TomBonnerAtDerivitec commented 3 years ago

Just to add that we're seeing exactly the same issue here.

Configure the User Pool to use USER_PASSWORD_AUTH (so a migration trigger can be used)
Configure the User Pool to remember users' devices
Create user.
Enable MFA (Software Token)
Logout
Clear local browser cache
signIn (challenged for MFA)
confirmSignIn
Receive error Invalid device key given, although interestingly the user is logged in.

ashika01 commented 2 years ago

Quick clarifications here, in the flow, when u login in with a new device are u making sure u remember the device?

Also, Could you try to use ListDevice api to see if the new device is listed there?

chrisbonifacio commented 2 years ago

Hi 👋 Closing this as we have not heard back from you. If you are still experiencing this issue and in need of assistance, please feel free to comment and provide us with any information previously requested by our team members so we can re-open this issue and be better able to assist you. Thank you!

Famin42 commented 2 years ago

same issue as @TomBonnerAtDerivitec said/described I posted related question on stackoverflow

Famin42 commented 2 years ago

@TomBonnerAtDerivitec please, take a look at this issue Seems like we're running into the same problem

JandenMa commented 2 years ago

I met the same issue as well. So I think we have to reopen this issue.

Configure the User Pool to use USER_PASSWORD_AUTH (so a migration trigger can be used)
Configure the User Pool to remember users' devices
Create a user with a temporary password
User uses the email and the temporary password to log in
Require user to reset a new password
Invoke Auth.completeNewPassword to set a new password
Receive error Invalid device key given, although interestingly the password has been reset.

Now I have to ignore the error for better UE.

By the way, I met the same issue what @TomBonnerAtDerivitec posted above

cc @chrisbonifacio @gabrielmaldi @TomBonnerAtDerivitec

abdallahshaban557 commented 2 years ago

We have re-opened this issue for now, thank you for the feedback. Our team will reach out once they are able to replicate this.

JandenMa commented 2 years ago

We have re-opened this issue for now, thank you for the feedback. Our team will reach out once they are able to replicate this.

Thanks, look forward to that it can be figured out ASAP!

samuelcastro commented 2 years ago

We have re-opened this issue for now, thank you for the feedback. Our team will reach out once they are able to replicate this.

@abdallahshaban557 Any updates on this?

abdallahshaban557 commented 2 years ago

@samuelcastro - we do not have an update yet. We will provide feedback once our team has gotten a chance to review this further.

sagar1025 commented 2 years ago

Any updates on this? My team is also running into the same issue

mashaalmemon commented 1 year ago

Our team seems to also be running into a similar issue. For now had to implent the hacky fix suggested in https://github.com/aws-amplify/amplify-js/issues/2087 (essentially ignoring the "Invalid device key given." error when calling completeNewPassword). I've confirmed other's observations that despite the error, the password is actually changed successfully.

However is @samuelcastro , any updates?

cwomack commented 1 year ago

When this issue was opened, Cognito didn't support device management when doing sign-in with USER_PASSWORD_AUTH, but now does. As a result, we'll close this issue and point everyone to our documentation regarding the implementation and use of the USER_PASSWORD_AUTH flow along with the Cognito documentation for further clarity.

aws-amplify / amplify-js