Get Cognito token using Insomnia with awscognitotoken plugin

Question

I look for the Authorization token used by Cognito in order to put it in the header of my tests. I need to test some backend API.

I am using Insomnia and the awscognitotoken plugin. However, I fail to configure it in order to get the token. Their usage is not clear to me.

Here is how I configure the awscognitotoken plugin :

• Function to Perform: AWS Cognito Team - Plugin for insomnia ………
• Username: the email I use to login to cognito; also tried the cognito username (uuid)
• Password: the password
• Region: eu-west-1
• ClientId: 3t********************dcl5
• TokenType: access
• ClientSecret: nothing as none is configured

What I get is:

Error in getting session: 
{ "request":
  { "method":"post",
    "headers":{
      "content-type":"application/x-amz-json-1.1",
      "x-amz-target":"AWSCognitoIdentityProviderService.InitiateAuth"
    },
    "body":"{\"AuthFlow\":\"USER_PASSWORD_AUTH\",\"ClientId\":\"3t***dcl5\",\"AuthParameters\":{\"USERNAME\":\"[email protected]\",\"PASSWORD\":\"<password>\"}}"},
  "status":400
}

Can you spot any error?

Answer 1

Il seems that in my case the problem was that I did not allow the USER_PASSWORD_AUTH in the settings of AWS.

Here is what I did to allow it:

• Choose your UserPool
• General Settings › App Clients › Show details
• Auth Flows Configuration › check Enable username password based authentication (ALLOW_USER_PASSWORD_AUTH)

After doing that I've got the token [and I feel stupid].