tokusumi / fastapi-cloudauth

Simple integration between FastAPI and cloud authentication services (AWS Cognito, Auth0, Firebase Authentication).
MIT License

"not verified" response - cognito #67

Open JustinGuese opened 2 years ago

JustinGuese commented 2 years ago

Hi, maybe I am missing something obvious, but when authenticating using an auth token from Cognito, fastapi-cloudauth responds with 401 {"detail": "Not verified"}.

This does not refer to the user I guess, as the user is email & phone verified, but does it refer to the domain (localhost, local dev)? How would I test my app locally then?

I hope you can point me in the right direction, as this package would be awesome to use!

tivaliy commented 2 years ago

There are two types of token available in Cognito: IdToken and AccessToken. Make sure that you are using the correct one.

PsypherPunk commented 1 year ago

Can I check which of these is considered "correct"?

We've an API Gateway in front of an app which uses fastapi-cloudauth, and the Gateway seemingly accepts either. fastapi-cloudauth, however, seems only to accept the IdToken.

Not sure if I missed something in the docs as to why that would be or if it's configurable…?

PsypherPunk commented 1 year ago

Ignore me: I RTFM'd a little harder and that first example finally clicked (AccessUser for the AccessToken; CognitoClaims for the IdToken.)

JLongley commented 1 year ago

I've implemented the code exactly as listed in the documentation for get_current_user, but regardless of if I pass the idToken or accessToken I still receive {detail: 'Not verified'}.

PsypherPunk commented 1 year ago

@JLongley, can I check how you're getting the tokens? And how you're forming the requests?

I've just copy/pasted the example from the README and it's seemingly working for both ID and Access tokens.
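A diagnostic sketch for the IdToken/AccessToken mix-up discussed in this thread, added here as an example and not taken from the thread or from fastapi-cloudauth: it decodes a Cognito JWT payload without verifying the signature, reports which token type it is from the `token_use` claim, and lists the client-binding and expiry problems that would still get it rejected. The function names, the placeholder client id and the sample tokens are constructed for illustration.

```python
import base64
import json
import time


def b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a Python object."""
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))


def diagnose_cognito_token(token, client_id, now=None):
    """Inspect a Cognito JWT WITHOUT verifying its signature (debugging aid only).

    Returns the token kind plus the claim problems that make a verifier
    reject the token even when its signature is valid.
    """
    parts = token.split(".")
    if len(parts) != 3:
        return {"kind": "malformed", "problems": ["expected 3 dot-separated segments"]}
    try:
        claims = b64url_json(parts[1])
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return {"kind": "malformed", "problems": ["payload is not base64url JSON"]}
    if not isinstance(claims, dict):
        return {"kind": "malformed", "problems": ["payload is not a JSON object"]}

    kind = {"id": "IdToken", "access": "AccessToken"}.get(claims.get("token_use"), "unknown")
    problems = []
    if kind == "unknown":
        problems.append("token_use is neither 'id' nor 'access'")
    # Cognito puts the app client id in `aud` for ID tokens and in
    # `client_id` for access tokens (access tokens have no `aud`).
    bound_to = claims.get("aud") if kind == "IdToken" else claims.get("client_id")
    if bound_to != client_id:
        problems.append(f"issued for client {bound_to!r}, expected {client_id!r}")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= (time.time() if now is None else now):
        problems.append("token is expired or has no numeric exp")
    return {"kind": kind, "problems": problems}


def make_sample(claims):
    """Build an unsigned, constructed sample token (not a real Cognito token)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256"}), enc(claims), "c2ln"])
```

A clean result here only narrows the cause; the signature and issuer still have to be checked against the user pool's keys by the verifying library.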