I'm asking this question because I was surprised how little information I could find from Googling. However, I was able to track down what I think is the root cause. I'll share it as an answer and see if someone is able to elaborate or provide a better explanation.
So, to clarify, I'm using the AWS JavaScript SDK for Cognito. When I tried some of the standard use cases, I received the following error:
Client is configured for secret but secret was not received
What steps can I take to resolve this?
I heard the same issue and I have to delete App Clients. Create a new App Clients and uncheck Generate client secret. Everything worked as expected in my code.
If you are not using an SDK to communicate with Cognito, you can include "SECRET_HASH" in "AUTH_PARAMETERS". To compute the "SECRET_HASH", please refer to AWS Docs:
https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html#cognito-user-pools-computing-secret-hash
Here is an example of how to log in users using Python using a client that has both a client ID and client secret:
import json
import requests
import hmac
import hashlib
import base64
client_id = ""
client_secret = ""
cognito_url = ""
username = ""
password = ""
secret_hash = base64.b64encode(hmac.new(bytes(client_secret, 'utf-8'), bytes(
username + client_id, 'utf-8'), digestmod=hashlib.sha256).digest()).decode()
reqData = {
"AuthParameters": {
"USERNAME": username,
"PASSWORD": password,
"SECRET_HASH": secret_hash
},
"AuthFlow": "USER_PASSWORD_AUTH",
"ClientId": client_id
}
headers = {
"X-Amz-Target": 'AWSCognitoIdentityProviderService.InitiateAuth',
"Content-Type": 'application/x-amz-json-1.1'
}
jsonResponse = requests.post(
url=cognito_url, data=json.dumps(reqData), headers=headers).json()
print(jsonResponse)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With