I am writing a Lambda function in Go to authenticate a user; I want to use the AccessToken/IdToken for subsequent API calls.
When I execute the Go code from a standalone program, it works: the InitiateAuth call was successful.
When I tried to use the same code from the Lambda function, I get an error: NotAuthorizedException: Unable to verify secret hash for client .......
Here is the code snippet I am using:
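
    import (
        "fmt"

        "github.com/aws/aws-sdk-go/aws"
        "github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
    )

    // The constants package and cognitoClient are declared elsewhere in the project.
    func AuthenticateUser(userName string, passWord string) (*cognitoidentityprovider.InitiateAuthOutput, error) {
        username := aws.String(userName)
        password := aws.String(passWord)
        clientID := aws.String(constants.COGNITO_APP_CLIENT_ID)

        // Username/password flow; no SECRET_HASH is included in the parameters.
        params := &cognitoidentityprovider.InitiateAuthInput{
            AuthFlow: aws.String("USER_PASSWORD_AUTH"),
            AuthParameters: map[string]*string{
                "USERNAME": username,
                "PASSWORD": password,
            },
            ClientId: clientID,
        }

        authResponse, authError := cognitoClient.InitiateAuth(params)
        if authError != nil {
            fmt.Println("Error = ", authError)
            return nil, authError
        }

        // Note: this prints the returned tokens to the log.
        fmt.Println(authResponse)
        // Session is nil when no challenge is returned; StringValue avoids a nil dereference.
        fmt.Println(aws.StringValue(authResponse.Session))
        return authResponse, nil
    }
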
I have given sufficient permissions to the Lambda user:
- cognito-idp:AdminCreateUser
- cognito-idp:AdminDeleteUser
- cognito-idp:InitiateAuth
- cognito-idp:ChangePassword
- cognito-idp:AdminRespondToAuthChallenge
- cognito-idp:AdminInitiateAuth
- cognito-idp:ConfirmForgotPassword
Am I missing something here?