Configuring region in Node.js AWS SDK - javascript
Can someone explain how to fix a missing config error with Node.js? I've followed all the examples from the aws doc page but I still get this error no matter what.
{ [ConfigError: Missing region in config]
message: 'Missing region in config',
code: 'ConfigError',
time: Wed Jun 24 2015 21:39:58 GMT-0400 (EDT) }>{ thumbnail:
{ fieldname: 'thumbnail',
originalname: 'testDoc.pdf',
name: 'testDoc.pdf',
encoding: '7bit',
mimetype: 'application/pdf',
path: 'uploads/testDoc.pdf',
extension: 'pdf',
size: 24,
truncated: false,
buffer: null } }
POST / 200 81.530 ms - -
Here is my code:
var express = require('express');
var router = express.Router();
var AWS = require('aws-sdk');
var dd = new AWS.DynamoDB();
var s3 = new AWS.S3();
var bucketName = 'my-bucket';
AWS.config.update({region:'us-east-1'});
(...)
How about changing the order of statements?
Update AWS config before instantiating s3 and dd
var AWS = require('aws-sdk');
AWS.config.update({region:'us-east-1'});
var dd = new AWS.DynamoDB();
var s3 = new AWS.S3();
I had the same issue "Missing region in config" and in my case it was that, unlike in the CLI or Python SDK, the Node SDK won't read from the ~\.aws\config file.
To solve this, you have three options:
Configure it programmatically (hard-coded): AWS.config.update({region:'your-region'});
Use an environment variable. While the CLI uses AWS_DEFAULT_REGION, the Node SDK uses AWS_REGION.
Load from a JSON file using AWS.config.loadFromPath('./config.json');
JSON format:
{
"accessKeyId": "akid",
"secretAccessKey": "secret",
"region": "us-east-1"
}
If you work with AWS CLI, you probably have a default region defined in ~/.aws/config. Unfortunately AWS SDK for JavaScript does not load it by default. To load it define env var
AWS_SDK_LOAD_CONFIG=1
See https://github.com/aws/aws-sdk-js/pull/1391
Same error for me:
After doing a lot of trials I have settled on the below:
OPTION 1
set the AWS_REGION environment variable in local system only, to us-east-1 (example)
For Linux:
export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
export AWS_DEFAULT_REGION=us-east-1
For Windows
see: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html
now, no need to set any lambda variables for region
also, no need to use in code, for example:
AWS.config.update(...), this is not required
AWS.S3(), etc., these will work without any problems. In place of S3, there can be any aws service
In a rare case if somewhere some defaults are assumed in code and you are forced to send region, then use {'region': process.env.AWS_REGION})
OPTION 2
Instead of environment variables, another way is AWS CONFIG file:
On Linux you can create below files:
~/.aws/credentials
[default]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
~/.aws/config
[default]
region=us-west-2
output=json
See https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
You can specify the region when creating the dynamodb connection (haven't tried s3 but that should work too).
var AWS = require('aws-sdk');
var dd = new AWS.DynamoDB({'region': 'us-east-1'});
var AWS = require('aws-sdk');
// assign AWS credentials here in following way:
AWS.config.update({
accessKeyId: 'asdjsadkskdskskdk',
secretAccessKey: 'sdsadsissdiidicdsi',
region: 'us-east-1'
});
var dd = new AWS.DynamoDB();
var s3 = new AWS.S3();
I have gone through your code and here you are connecting to AWS services before setting the region, so i suggest you to update the region first and then connect to services or create instance of those as below -
var express = require('express');
var router = express.Router();
var AWS = require('aws-sdk');
AWS.config.update({region:'us-east-1'});
var dd = new AWS.DynamoDB();
var s3 = new AWS.S3();
var bucketName = 'my-bucket';
I'm impressed this hasn't been posted here yet.
Instead of setting the region with AWS.config.update(), you can use
const s3 = new AWS.S3({
region: "eu-central-1",
});
to make it instance specific.
This may not be the right way to do it, but I have all my configs in a separate JSON file. And this does fix the issue for me
To load the AWS config, i do this:
var awsConfig = config.aws;
AWS.config.region = awsConfig.region;
AWS.config.credentials = {
accessKeyId: awsConfig.accessKeyId,
secretAccessKey: awsConfig.secretAccessKey
}
config.aws is just a JSON file.
To the comment above, you can always it run from your local global config file ~./aws/config by adding the following:
process.env.AWS_SDK_LOAD_CONFIG="true";
This will load your local global config file and use whatever credentials/account you are in which is really handy when iterating through multiple accounts / roles.
You can resolve this issue right in your project directory.
npm i -D dotenv.
Create .env file in root of our project.
Set environment variable AWS_SDK_LOAD_CONFIG=1 in that .env file.
const {config} = require("dotenv"); in the same file where you configure connection to DynamoDB.
config() before you new AWS.DynamoDB().
P.S. As someone have mentioned before, problem is that Node doesn't get data from your aws.config file
You could create a common module and use it based on the region you want to
var AWS = require('aws-sdk')
module.exports = {
getClient: function(region) {
AWS.config.update({ region: region })
return new AWS.S3()
}
}
and consume it as,
var s3Client = s3.getClient(config.region)
the idea is to Update AWS config before instantiating s3
I know I am EXTREMELY late to the party, but I have an additional solution which worked for me.
It might be worth passing credentials to each resource directly.
let lambda = AWS.Lambda({region: "us-east-1"});
let credentials = new AWS.SharedIniFileCredentials({
profile: PROFILE_NAME,
});
lambda.config.credentials = credentials;
Best Practice would be to utilize an Amazon Cognito Identity pool.
Create an IAM Policy that defines the access to the resource you want. (Least Access Privilege)
Then create an Amazon Cognito Identity Pool allowing unauthenticated identities.
Then attached the IAM Policy you created to the Unauthenticated Role for the Identity Pool.
Once that is setup you use the following code:
AWS.config.region = 'us-east-1';
AWS.config.credentials = new AWS.CognitoIdentityCredentials({
IdentityPoolId: 'IdentityPoolIdHere',
});
Amazon Cognito assumes the IAM Role specified in unauthenticated identities where Amazon STS is utilized in the background which then populates config with temporary credentials with accessibility as defined in the attached IAM Policy for the IAM Role.
var AWS = require("aws-sdk");
AWS.config.getCredentials(function(err) {
if (err) console.log(err.stack);
// credentials not loaded
else {
console.log("Access key:", AWS.config.credentials.accessKeyId);
}
});
In my case, I was trying to use it in a React.JS app following this tutorial.
I needed to move the config data to the same file where I was calling the DocumentClient instead of having the config in my index.js file.
create a common module and use it based on the region you want to
var AWS = require('aws-sdk')
module.exports = {
getClient: function(region) {
AWS.config.update({ region: region })
return new AWS.S3()
}
}
----------------------------------------------------
And then you can use the following .
var s3Client = s3.getClient(config.region)
It's 2022 and this is the top result on Google for "Missing region in config".
For those getting this error when using the AWS Node SDK in combination with profiles (i.e. ~/.aws/config and ~/.aws/credentials), the solution is to load the credentials for the profile name (via
AWS.SharedIniFileCredentials),
and then separately get the region for the profile name using the
#aws-sdk/shared-ini-file-loader.
i.e.
import AWS from "aws-sdk";
import { loadSharedConfigFiles } from "#aws-sdk/shared-ini-file-loader";
const profileName = "default"; // change this to whatever profile name you want
loadSharedConfigFiles().then((awsConfig) => {
// console.log(awsConfig);
const region = awsConfig?.configFile?.[profileName]?.region;
const credentials = new AWS.SharedIniFileCredentials({
profile: profileName,
});
// now use the credentials and the profile's region however you want
const pinpoint = new AWS.Pinpoint({
credentials: credentials,
region: region,
});
pinpoint.getApps({}, function (err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
});
A team member of mine experienced this issue when trying to set up SNS Text Messaging with the AWS Node SDK.
We were getting this error when we run the process:
ConfigError: Invalid region in config
Here's how he solved it:
The initial way the AWS credentials are referenced are:
AWS_ACCESS_KEY='AKIAR5NCt72I72Nrt267'
AWS_SECRET_ACCESS_KEY='DhnqpuPdfV9nwFufsKJLJsydfJb7HNjPb5suwpvM'
AWS_REGION='us-west-1'
He simply removed the quotes '' around the credentials, so we had this:
AWS_ACCESS_KEY=AKIAR5NCt72I72Nrt267
AWS_SECRET_ACCESS_KEY=DhnqpuPdfV9nwFufsKJLJsydfJb7HNjPb5suwpvM
AWS_REGION=us-west-1
And it worked fine afterward.
Related
Where can I see the code for the AWS SDK function?
For example, When I use this function like this // snippet-start:[s3.JavaScript.buckets.createBucket] // Load the AWS SDK for Node.js var AWS = require('aws-sdk'); // Set the region AWS.config.update({region: 'REGION'}); // Create S3 service object s3 = new AWS.S3({apiVersion: '2006-03-01'}); // Create the parameters for calling createBucket var bucketParams = { Bucket : process.argv[2] }; // call S3 to create the bucket s3.createBucket(bucketParams, function(err, data) { if (err) { console.log("Error", err); } else { console.log("Success", data.Location); } }); I want to see the code that implements the function. When I looked at the AWS SDK code, I couldn't go deeper than this. Where can I see the code for the AWS SDK function?
.d.ts files are not code, they are only type definitions. If you look at the s3.js file that is next to that s3.d.ts file you've already found, you will see that it calls require('../lib/services/s3'). Look in that file to find the code.
"Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1" error when attempting to execute putObject
I am very new to using AWS services, and relatively new to JS as a whole. I am trying to use putObject to send user data from my website to my s3 bucket. I want any user that enters this site to have their data sent to the bucket. In the HTML of my website, I have have the following JavaScript code, that creates an AWS.S3 object like so: AWS.config.update({ region: 'us-east-1', accessKeyID: "MYACCESSKEYID", secretAccessKey: "MYSECRETACCESSKEY" }); var s3 = new AWS.S3(); var params = { Bucket: "my.test.bucket", Key: <JSON object containing user info> }; s3.putObject(params, function(err, data) { if (err) console.log(err, err.stack); // an error occurred else console.log(data); // successful response /* data = { ETag: "\"6805f2cfc46c0f04559748bb039d69ae\"", VersionId: "tpf3zF08nBplQK1XLOefGskR7mGDwcDk" } */ }); The access key ID, and the corresponding secret access key, are associated with an IAM user that has the necessary permissions to execute putObject to send an object to the bucket. I am aware that this is not a secure way of doing things, but that is not a concern at the moment. When I try to open the HTML file in the browser, I the error message in the title appears in the browser console. Here is the complete error message that appears in the browser console: CredentialsError: Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1 at r (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:70:20163) at constructor.getCredentials (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:70:20691) at constructor.<anonymous> (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:71:21119) at constructor.callListeners (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:73:23679) at constructor.emit (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:73:23419) at constructor.emitEvent (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:73:9203) at constructor.e (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:73:4845) at i.runTo (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:75:12863) at constructor.runTo (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:73:6501) at constructor.send (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:73:6394) "CredentialsError: Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1 at r (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:70:20163) at constructor.getCredentials (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:70:20691) at constructor.<anonymous> (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:71:21119) at constructor.callListeners (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:73:23679) at constructor.emit (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:73:23419) at constructor.emitEvent (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:73:9203) at constructor.e (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:73:4845) at i.runTo (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:75:12863) at constructor.runTo (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:73:6501) at constructor.send (https://sdk.amazonaws.com/js/aws-sdk-2.674.0.min.js:73:6394)" Please let me know if there is any other information that I can provide. edit: Using the AWS CLI, I have already attempted to configure my ~/.aws/config file, using the accesskeyID, the secret access key, and the region that I used in the code above
Cannot connect to AWS EC2 using AWS-sdk
I am using aws-sdk with node.js and I am not able to establish a connection to aws ec2 to obtain instance details using the sdk. This is the error: Error Error: connect ENETUNREACH at Object.exports._errnoException (util.js:1020:11) at exports._exceptionWithHostPort (util.js:1043:20) at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1086:14) And this is the piece of code I have written: I have removed the access keys for security purpose. var express = require("express"); var mysql = require('mysql'); var connection = mysql.createConnection({ host: 'localhost', user: '', password: '', database: '' }); var app = express(); // Load the SDK for JavaScript var AWS = require('aws-sdk'); // Set the region AWS.config.update({ region: 'us-east-1' }); var AWS_ACCESS_KEY_ID = ''; var AWS_SECRET_ACCESS_KEY = ''; var params = { DryRun: false }; ec2 = new AWS.EC2({ apiVersion: '2016-11-15' }); ec2.describeInstances(params, function(err, data) { if (err) { console.log("Error", err.stack); } else { console.log("Success", JSON.stringify(data)); res.send({ message: data }); } }); app.listen(443); console.log("The node server is running at port 443"); Is there a way to fix this? I am using aws-sdk for the first time. Thanks in advance.
Probably you're not passing the API keys. var AWS_ACCESS_KEY_ID = ''; var AWS_SECRET_ACCESS_KEY = ''; var params = { DryRun: false }; ec2 = new AWS.EC2({ accessKeyId: AWS_ACCESS_KEY_ID, secretAccessKey: AWS_SECRET_ACCESS_KEY, apiVersion: '2016-11-15' }); Recommendation: Put your API keys in separated locations. If this code will be hosted within an EC2, use Service role permissions for EC2. Use profiles.
The credentials seems to be the issue here. Please double check the credentials you are providing for connecting to EC2. The best option would be to generate a new key_id and secret_access_key and use that. I would personally recommend to download the credentials file and pass that in your code rather than putting key_id and secret_access_key here.
Is Your Computer or Node.js connect to internet? You control this. first open cmd an use ping, if the ping return packet proper. Control internet of node.js. For control use requestify module for this. use this code: const requi=require('requestify'); requi.get("https://google.com") .then(function(data){ console.log(data); }) .catch(function (err) { console.log(err); });
The easiest way to ensure you're doing this properly is to follow the suggested credential management described in AWS SDK For NodeJs. npm install aws-sdk Create a credentials file at ~/.aws/credentials on Mac/Linux or C:\Users\USERNAME.aws\credentials on Windows [default] aws_access_key_id = your_access_key aws_secret_access_key = your_secret_key And then have the AWS object manage the credentials for you: var AWS = require('aws-sdk'); It looks like you might be almost there; instead of storing your keys in your code, store them in the specified credentials file above, and try again.
Allowing users to upload content to s3
I have an S3 bucket named BUCKET on region BUCKET_REGION. I'm trying to allow users of my web and mobile apps to upload image files to these bucket, provided that they meet certain restrictions based on Content-Type and Content-Length (namely, I want to only allow jpegs less than 3mbs to be uploaded). Once uploaded, the files should be publicly accessible. Based on fairly extensive digging through AWS docs, I assume that the process should look something like this on my frontend apps: const a = await axios.post('my-api.com/get_s3_id'); const b = await axios.put(`https://{BUCKET}.amazonaws.com/{a.id}`, { // ?? headersForAuth: a.headersFromAuth, file: myFileFromSomewhere // i.e. HTML5 File() object }); // now can do things like <img src={`https://{BUCKET}.amazonaws.com/{a.id}`} /> // UNLESS the file is over 3mb or not an image/jpeg, in which case I want it to be throwing errors where on my backend API I'd be doing something like import aws from 'aws-sdk'; import uuid from 'uuid'; app.post('/get_s3_id', (req, res, next) => { // do some validation of request (i.e. checking user Ids) const s3 = new aws.S3({region: BUCKET_REGION}); const id = uuid.v4(); // TODO do something with s3 to make it possible for anyone to upload pictures under 3mbs that have the s3 key === id res.json({id, additionalAWSHeaders}); }); What I'm not sure about is what exact S3 methods I should be looking at. Here are some things that don't work: I've seen a lot of mentions of (a very old) API accessible with s3.getSignedUrl('putObject', ...). However, this doesn't seem to support reliably setting a ContentLength -- at least anymore. (See https://stackoverflow.com/a/28699269/251162.) I've also seen a closer-to-working example using an HTTP POST with form-data API that is also very old. I guess that this might get it done if there are no alternatives but I am concerned that it is no longer the "right" way to do things -- additionally, it seems to doing a lot of manual encrypting etc and not using the official node SDK. (See https://stackoverflow.com/a/28638155/251162.)
I think what might be better for this case in POSTing directly to S3, skipping your backend server. What you can do is define a policy that explicitly specifies what can be uploaded to and to where, this policy is then signed using an AWS secret access key (using the AWS sig v4, can generate a policy using this). An example usage of the policy and signature if viewable in the AWS docs For your uses you can specify conditions like: conditions: [ ['content-length-range, 0, '3000000'], ['starts-with', '$Content-Type', 'image/'] ] This will limit uploads to 3Mb, and Content-Type to only items that begin with image/ Additionally, you only have to generate your signature for policy once (or whenever it changes), which means you don't need a request to your server to get a valid policy, you just hardcode it in your JS. When/if you need to update just regenerate the policy and signature and then update the JS file. edit: There isn't a method through the SDK to do this as it's meant as way of directly POSTing from a form on a webpage, i.e. can work with no javascript. edit 2: Full example of how to sign a policy using standard NodeJS packages: import crypto from 'crypto'; const AWS_ACCESS_KEY_ID = process.env.AWS_ACCESS_KEY_ID; const AWS_SECRET_ACCESS_KEY = process.env.AWS_SECRET_ACCESS_KEY; const ISO_DATE = '20190728T000000Z'; const DATE = '20161201'; const REGION = process.env.AWS_DEFAULT_REGION || 'eu-west-1'; const SERVICE = 's3'; const BUCKET = 'your_bucket'; if (!AWS_ACCESS_KEY_ID || !AWS_SECRET_ACCESS_KEY) { throw new Error('AWS credentials are incorrect'); } const hmac = (key, string, encoding) => { return crypto.createHmac("sha256", key).update(string, "utf8").digest(encoding); }; const policy = { expiration: '2022-01-01T00:00:00Z', conditions: [ { bucket: BUCKET, }, ['starts-with', '$key', 'logs'], ['content-length-range', '0', '10485760'], { 'x-amz-date': ISO_DATE, }, { 'x-amz-algorithm': 'AWS4-HMAC-SHA256' }, { 'x-amz-credential': `${AWS_ACCESS_KEY_ID}/${DATE}/${REGION}/${SERVICE}/aws4_request` }, { 'acl': 'private' } ] }; function aws4_sign(secret, date, region, service, string_to_sign) { const date_key = hmac("AWS4" + secret, date); const region_key = hmac(date_key, region); const service_key = hmac(region_key, service); const signing_key = hmac(service_key, "aws4_request"); const signature = hmac(signing_key, string_to_sign, "hex"); return signature; } const b64 = new Buffer(JSON.stringify(policy)).toString('base64').toString(); console.log(`b64 policy: \n${b64}`); const signature = aws4_sign(AWS_SECRET_ACCESS_KEY, DATE, REGION, SERVICE, b64); console.log(`signature: \n${signature}\n`);
You need to get familiar with Amazon Cognito and especially with identity pool. Using Amazon Cognito Sync, you can retrieve the data across client platforms, devices, and operating systems, so that if a user starts using your app on a phone and later switches to a tablet, the persisted app information is still available for that user. Read more here: Cognito identity pools Once you create new identify pool, you can reference it while using S3 JavaScript SDK which will allow you to upload content whit out exposing any credentials to the client. Example here: Uploading to S3 Please read through all of it, especially the section "Configuring the SDK". The second part of your puzzle - validations. I would go about implementing a client-side validation (if possible) to avoid network latency before giving an error. If you would choose to implement validation on S3 or AWS Lambda you are looking for a wait-time until file reaches AWS - network latency.
This is something I know we have in our project, so I'll show you part of the codes: you first need to post to your own server to get the creds for the upload, from that you will return the params from the client upload to S3. these are params you send to the aws s3 service, you will need the bucket, upload path, and the file let params = { Bucket: s3_bucket, Key: upload_path, Body: file_itself }; this is the code I have for the actual upload to s3 config.credentials = new AWS.Credentials(credentials.accessKeyId, credentials.secretAccessKey, credentials.sessionToken); let s3 = new S3(config); return s3.upload(params, options).on("httpUploadProgress", handleProgress); all of those credentials items you get from your backend of course.
On the backend you need to generate a timed, presigned URL and send that URL to the client for accessing the S3 object. Depending on your backend implementation technology you can use the AWS CLI or SDKs (e.g. for Java, .Net, Ruby or Go). Please refer to CLI docs and SDK docs and more SDK Content size restriction is not supported in link generation directly. But the link is just there to relay the access rights that the AWS user has. For using a policy to restrict file size on upload you have to create a CORS policy on the bucket and use HTTP POST for the upload. Please see this link.
your servers acts like a proxy, also responsible for authorization, validation, etc. Some code snippet: upload(config, file, cb) { const fileType = // pass with request or generate or let empty const key = `${uuid.v4()}${fileType}`; // generate file name: const s3 = new AWS.S3(); const s3Params = { Bucket: config.s3_bucket, Key: key, Body: file.buffer }; s3.putObject(s3Params, cb); } and then you can send the key to the client and provide further access.
AWS Cognito Identity NotAuthorizedException
I'm using the AWS javascript sdk in order to integrate user pools with a web app that I am building. The user pool is setup and I've followed the usage example here: https://github.com/aws/amazon-cognito-identity-js I keep getting an error that says: "NotAuthorizedException: Unable to verify secret hash for client (my app client id)" AWS.config.region = 'us-east-1'; // Region AWS.config.credentials = new AWS.CognitoIdentityCredentials({ IdentityPoolId: '...' // my identity pool id here }); AWSCognito.config.region = 'us-east-1'; AWSCognito.config.credentials = new AWS.CognitoIdentityCredentials({ IdentityPoolId: '...' // my identity pool id here }) var poolData = { UserPoolId: '...', // my user pool id here ClientId: '...' // client id here }; var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(poolData); var userData = { Username : 'username', Pool : userPool }; var attributeList = []; var dataEmail = { Name : 'email', Value : 'email#mydomain.com' }; var dataPhoneNumber = { Name : 'phone_number', Value : '+15555555555' }; var attributeEmail = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserAttribute(dataEmail); var attributePhoneNumber = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserAttribute(dataPhoneNumber); attributeList.push(attributeEmail); attributeList.push(attributePhoneNumber); userPool.signUp('username', 'password', attributeList, null, function(err, result){ if (err) { alert(err); return; } cognitoUser = result.user; console.log('user name is ' + cognitoUser.getUsername()); }); Any suggestions or potential issues with the code snippet above? Thanks!
The solution to this is actually quite straightforward. You have to delete the app in aws and re-add it without a secret key so it can authorize.
When creating a web application using the Javascript SDK you cannot use a secret key as there is no where to store it. This will cause the exception you are seeing. As you discovered, creating an app without a secret key solves the issue.
For JavaScript SDK, Cognito still not supports the "Client Secret". When you are creating the App Client be sure uncheck the "Generate Secret" key. This is the same issue I am facing with Java SDK as well. But its a question to AWS Cognito team? How we will use the Client Secret which is preferred for production environment. Time being if anyone facing the similar issues please delete your Client App and re-create the Client app without generating Client Secret. Still we are expecting from the expert developer to answer, how we will use the client secret?
In my case, I typed incorrectly to UserPoolId. So check your credential once again.