I have AWS Lambda functions working fine with Cognito authenticated users.
I am now trying to get unauthenticated Cognito users going.
I cannot find any way at the back end to determine if the current user that called the Lambda function is authenticated or unauthenticated.
The identifying information that I have about the user is their Cognito IdentityId but how can I use that to find out of unauthenticated?
I'm using Python boto3.6 in Lambda.
check this http://boto3.readthedocs.io/en/latest/reference/services/cognito-identity.html#CognitoIdentity.Client.describe_identity
you get the logins if it is a auth user. never used it, but I think that is the way to know
EDIT: From OP: yes this is correct - the important thing is that the absence of the key "Logins" in the returned value means that the user is unauthenticated.
res = client2.describe_identity(
IdentityId=context.identity.cognito_identity_id
)
if ('Logins' not in res.keys()):
return True
else:
return False
