Converting AWS Cognito Pool user to Federated user Id

0
votes

I need to get the Federated Identity Id for a Cognito Identity Pool user.

My dynamodb tables use userId as the primary key, where userId is the Cognito Federated Identity Id (configured using mobilehub). In an android app, I make a query using an AmazonCognitoIdentityProviderClient (which is properly instantiated with the IdentityManager and uses CognitoUserPoolsSignInProvider & FacebookSignInProvider) -- this query successfully retrieves all of the users in my cognito user pool (I do use a filter, but have removed it for simplicity, here):

ArrayList<UserType> cognitoPoolUsers = instantiatedAmazonCognitoIdentityProviderClient().listUsers().getUsers();

The users in cognitoPoolUsers have attributes like email and username, but the userId that is used for the dynamo primary key is the userId of the federated user that is linked to the cognitoPoolUser.

How can I retrieve the corresponding federated identity userId, given that I have successfully retrieved the list of cognitoPoolUsers?

End goal (I would actually use batchLoad, but for simplicity..):

ArrayList<UserType> cognitoPoolUsers = instantiatedAmazonCognitoIdentityProviderClient().listUsers().getUsers();

for(int k=0; k<cognitoPoolUsers.size(); k++) {
  UserType cognitoPoolUser = cognitoPoolUsers.get(k);
  SomeDynamoDO dynamoDO = new SomeAmazonDO();

  //Unknown Step:
  String correspondingFederatedId = extractFederatedId(cognitoPoolUser);

  dynamoDO.setUserId(correspondingFederatedId)
  dynamodbMapper.load(dynamoDO)
}
1
androidamazon-web-servicesamazon-dynamodbaws-sdkaws-cognito
Simple. Login your userpool user; get the token and call the GetId API and provide the token in the loginmapagent420
@agent420 , this worked! Would you like to add a quick code snippet as an actual comment so that I can officially accept yours as the answer?Aidan Hoolachan
Great! Added my comment as an answeragent420

1 Answers

1
votes

You can get the Identity Id for a Userpool user by logging in the user to get an Id token and calling the GetId API. Using Android SDK:

//Login and get the Id token. 
//The 'iss' claim of the token without https: will be the providerName
credentialsProvider = new CognitoCachingCredentialsProvider(context, IDENTITY_POOL_ID,REGION);
Map<String, String> logins = credentialsProvider.getLogins();
if (logins == null) {
    logins = new HashMap<String, String>();
}
logins.put(providerName, token);
credentialsProvider.setLogins(logins);
String id=credentialsProvider.getIdentityId();

If you want to use low-level API calls, this is the relevant call. Add the Userpool token in the login map parameter.