search

aws / aws-appsync-community

The AWS AppSync community
https://aws.amazon.com/appsync
Apache License 2.0
506 stars 32 forks source link

@aws_auth(cognito_groups: ["users"]) works, @aws_cognito_user_pools(cognito_groups: ["users"]) doesn't #349

Open GregCKrause opened 6 months ago

GregCKrause commented 6 months ago

I am getting a successful response when using @aws_auth(cognito_groups: ["users"]). However, when I attempt to use @aws_cognito_user_pools(cognito_groups: ["users"]), I receive the following error:

{
 "errors": [
    {
      "path": [
        "getCheck"
      ],
      "data": null,
      "errorType": "Unauthorized",
      "errorInfo": null,
      "locations": [
        {
          "line": 3,
          "column": 5,
          "sourceName": null
        }
      ],
      "message": "Not Authorized to access getCheck on type Query"
    }
  ]
}

I am using AMAZON_COGNITO_USER_POOLS as the primary AppSync auth mode, with no additional auth modes. My understanding (according to docs here) is that these should be interchangeable if AMAZON_COGNITO_USER_POOLS is the only auth mode that's used.

You can use the @aws_cognito_user_pools directive in place of the @aws_auth directive, using the same arguments.

I am able to proceed with the @aws_auth directive, but wanted to raise this issue as it was quite confusing to encounter.