I'm trying to authenticate users via Google in my React Native iOS app, then verify the ID token in AWS Cognito to assume a role and access AWS resources.
Here's my setup:
- Google OAuth 2.0 Clients:
  - One for Web
  - One for iOS
- Cognito Identity Pool:
  - Authentication provider: accounts.google.com
  - iOS client ID configured in Client ID field
  - Role selection: default role
  - Claim mapping: Default mappings
- IAM Role Trust Policy:
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Principal": {
            "Federated": "cognito-identity.amazonaws.com"
          },
          "Action": "sts:AssumeRoleWithWebIdentity",
          "Condition": {
            "StringEquals": {
              "cognito-identity.amazonaws.com:aud": "us-east-1:"
            },
            "ForAnyValue:StringLike": {
              "cognito-identity.amazonaws.com:amr": "authenticated"
            }
          }
        }
      ]
    }
- ID Token from React Native iOS app (decoded):
    {
      "iss": "https://accounts.google.com",
      "azp": "",
      "aud": "",
      "sub": "xxxxxxx",
      "email": "[email protected]",
      "email_verified": true,
      "at_hash": "xxxxxx",
      "nonce": "xxxxx",
      "name": "xxxxx",
      "picture": "https://lh3.googleusercontent.com/a/xxxx",
      "given_name": "xxx",
      "family_name": "xxx",
      "iat": 1756173447,
      "exp": 1756177047
    }
- Testing with AWS CLI:
    aws cognito-identity get-credentials-for-identity \
      --identity-id us-east-1: \
      --logins "accounts.google.com="
Observed behavior:
A new Cognito identity is created in the console when I run the above CLI command, but it fails with:
An error occurred (InvalidIdentityPoolConfigurationException) when calling the GetCredentialsForIdentity operation: Invalid identity pool configuration. Check assigned IAM roles for this pool.
Question:
What could cause InvalidIdentityPoolConfigurationException in this scenario? Requesting help resolving this. Thanks in advance.
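
One way to check the trust policy offline, as an added example that is not part of the original post: GetCredentialsForIdentity raises InvalidIdentityPoolConfigurationException when the pool has no role for the auth type or when assuming the role fails, so this sketch lints a trust policy document against the identity pool ID and the `authenticated` amr value. The pool ID, the `lint_trust_policy` name and the sample policy are constructed placeholders.

```python
import json
from fnmatch import fnmatchcase

COGNITO = "cognito-identity.amazonaws.com"

def as_list(value):
    """IAM accepts a single string wherever a list of strings is allowed."""
    return value if isinstance(value, list) else [value]

def lint_trust_policy(policy, pool_id, role_type="authenticated"):
    """Return reasons why Cognito could not assume a role with this trust policy."""
    problems = []
    unknown = sorted(set(policy) - {"Version", "Id", "Statement"})
    if unknown:
        problems.append(f"unknown top-level keys: {unknown}")
    candidates = []
    for st in as_list(policy.get("Statement", [])):
        principal = st.get("Principal")
        federated = as_list(principal.get("Federated", [])) if isinstance(principal, dict) else []
        if (st.get("Effect") == "Allow" and COGNITO in federated
                and "sts:AssumeRoleWithWebIdentity" in as_list(st.get("Action", []))):
            candidates.append(st.get("Condition", {}))
    if not candidates:
        problems.append(f"no Allow statement lets {COGNITO} call sts:AssumeRoleWithWebIdentity")
    failures = []
    for cond in candidates:
        issues = []
        aud = as_list(cond.get("StringEquals", {}).get(f"{COGNITO}:aud", []))
        if pool_id not in aud:
            issues.append(f"aud condition {aud} does not name pool {pool_id}")
        # fnmatch approximates IAM StringLike wildcards (* and ?)
        amr = as_list(cond.get("ForAnyValue:StringLike", {}).get(f"{COGNITO}:amr", []))
        if not any(fnmatchcase(role_type, pattern) for pattern in amr):
            issues.append(f"amr condition {amr} does not match {role_type!r}")
        if not issues:  # one fully matching statement is enough
            return problems
        failures += issues
    return problems + failures

# Constructed sample: placeholder pool ID and a policy whose aud value is incomplete.
POOL_ID = "us-east-1:00000000-0000-0000-0000-000000000000"
SAMPLE = json.loads("""{"Version": "2012-10-17", "Statement": [{
  "Effect": "Allow", "Principal": {"Federated": "cognito-identity.amazonaws.com"},
  "Action": "sts:AssumeRoleWithWebIdentity",
  "Condition": {"StringEquals": {"cognito-identity.amazonaws.com:aud": "us-east-1:"},
    "ForAnyValue:StringLike": {"cognito-identity.amazonaws.com:amr": "authenticated"}}}]}""")

if __name__ == "__main__":
    for problem in lint_trust_policy(SAMPLE, POOL_ID):
        print("FAIL:", problem)
```

The document to lint can be exported with `aws iam get-role` (the `AssumeRolePolicyDocument` field), and the pool ID to compare against is the identity pool ID, not an identity ID.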