Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Amplify "Unable to verify secret hash for client"

We have been using Amplify and Cognito to register our users for an Angular6 application deployed to Lambda. The client wanted to transition from email to username as primary user identification. So we created a new user pool / client. I don't have visibility into the configuration settings, I was simply given new user pool, identity pool, and client id's. Then I changed the code for application signup to look like this:

  return from(Auth.signUp({
  'username': username, // was email
  'password': password, 
  attributes: { // added these
    'email': email,
    'phone_number': phone_number,
    'family_name': name,
    'birthdate': DOB,
    'custom:last_4_ssn': SSN // custom attribute
  }}));

The response I'm getting with no other changes made is: Unable to verify secret hash for client. Google claims the problem is that secretAccess is currently an unsupported configuration, but the guy who has access to these services swears to me that nowhere is secretAccess configured in our setup.

I apologize for not having access to the configuration, but is there any other possible reason to receive this error?

like image 388
Arlo Guthrie Avatar asked Sep 24 '18 21:09

Arlo Guthrie


People also ask

What is secret hash?

The SecretHash value is a Base 64-encoded keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.

How do I uninstall client secret Cognito?

Client secret You can't change secrets after you create an app. You can create a new app with a new secret if you want to rotate the secret. You can also delete an app to block access from apps that use that app client ID. You can use a confidential client, and a client secret, with a public app.

What is Admin_no_srp_auth?

ADMIN_NO_SRP_AUTH : Non-SRP authentication flow; you can pass in the USERNAME and PASSWORD directly if the flow is enabled for calling the app client. ADMIN_USER_PASSWORD_AUTH : Admin-based user password authentication. This replaces the ADMIN_NO_SRP_AUTH authentication flow.

How do I add Cognito to amplify?

Import existing Amazon Cognito resources into your Amplify project. Get started by running amplify import auth command to search for & import an existing Cognito User Pool & Identity Pool in your account. The amplify import auth command will: automatically populate your Amplify Library configuration files (aws-exports.


1 Answers

That error is probably originating from the fact that the app client you are connected to has an associated secret key. When you create a user pool app client, it generates a secret by default: enter image description here

Right now, with React-Native Amplify you have to use an app client that does not have a secret key generated. So when you create a new app client with your desired attributes, make sure the "Generate client secret" box is unchecked.

like image 117
Zach Avatar answered Sep 27 '22 16:09

Zach