Using Cognito Identity with NodeJS
This snippet lets us, as DevOps, quickly troubleshoot login when using Cognito Federated Authentication with a custom database for usernames and passwords.
npm install @aws-sdk/client-cognito-identity
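const {
  CognitoIdentityClient,
  GetOpenIdTokenForDeveloperIdentityCommand,
  GetCredentialsForIdentityCommand,
} = require("@aws-sdk/client-cognito-identity");

(async () => {
  // Region and caller credentials come from the default AWS SDK provider chain.
  const cognitoIdentityClient = new CognitoIdentityClient({});

  // Step 1: ask Cognito for an OpenID token for a user we authenticated ourselves.
  const response = await cognitoIdentityClient.send(
    new GetOpenIdTokenForDeveloperIdentityCommand({
      // Token lifetime in seconds
      TokenDuration: 86400,
      // You can find this in AWS Cognito Identity Pool (Federated)
      IdentityPoolId: "REGION:GUID",
      Logins: {
        // Key: developer provider name, value: the user's ID in our own database
        ["YOUR_COMPANY_NAME"]: "USER_ID_FETCHED_FROM_DEDICATED_DATABASE",
      },
      PrincipalTags: {
        foo: "bar",
        someOther: "tagsYouNeed",
      },
    })
  );

  // Step 2: exchange the OpenID token for temporary AWS credentials.
  const credentials = await cognitoIdentityClient.send(
    new GetCredentialsForIdentityCommand({
      // Use the identity the token was issued for, as returned by step 1
      IdentityId: response.IdentityId,
      Logins: { "cognito-identity.amazonaws.com": response.Token },
    })
  );

  // Prints the temporary credentials (AccessKeyId, SecretKey, SessionToken, Expiration)
  console.log(credentials);
})().catch((err) => {
  // Surface the failure instead of an unhandled promise rejection
  console.error(err);
  process.exitCode = 1;
});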
Using the printed credentials, you can call secured AWS services from Postman and similar tools.
Usage:
export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
export AWS_SESSION_TOKEN=
aws sts get-caller-identity
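When the exchange in the snippet above fails, it helps to look inside the OpenID token returned by GetOpenIdTokenForDeveloperIdentityCommand before passing it on. The following is an added example, not part of the original snippet: it decodes the token payload without verifying the signature and assumes that the aud claim carries the identity pool ID and the sub claim the identity ID. The function names and the sample token are constructed for illustration.

```javascript
// Decode a JWT payload WITHOUT verifying the signature (troubleshooting only).
function decodeJwtPayload(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("not a three-part JWT");
  // JWT segments are base64url; map to the standard alphabet for Buffer.
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  const claims = JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
  if (claims === null || typeof claims !== "object") throw new Error("payload is not a JSON object");
  return claims;
}

// Returns a list of problems; an empty list means the claims match.
function checkOpenIdToken(token, { identityPoolId, identityId, now = Date.now() }) {
  let claims;
  try {
    claims = decodeJwtPayload(token);
  } catch (err) {
    return [`token is not decodable: ${err.message}`];
  }
  const problems = [];
  // Assumption: aud carries the identity pool ID and sub the identity ID.
  if (claims.aud !== identityPoolId) {
    problems.push(`aud is ${claims.aud}, expected ${identityPoolId}`);
  }
  if (identityId && claims.sub !== identityId) {
    problems.push(`sub is ${claims.sub}, expected ${identityId}`);
  }
  // exp is in seconds since the epoch; now is in milliseconds.
  if (typeof claims.exp !== "number" || claims.exp * 1000 <= now) {
    problems.push("token is expired or has no exp claim");
  }
  return problems;
}

// Constructed, unsigned sample token with placeholder values.
function makeSampleToken(claims) {
  const enc = (obj) =>
    Buffer.from(JSON.stringify(obj)).toString("base64")
      .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "none" })}.${enc(claims)}.constructed`;
}
const sample = makeSampleToken({
  aud: "REGION:POOL-GUID", sub: "REGION:IDENTITY-GUID", exp: 2000000000,
});
console.log(checkOpenIdToken(sample, {
  identityPoolId: "REGION:POOL-GUID",
  identityId: "REGION:IDENTITY-GUID",
  now: 1700000000000,
}));
```

In the snippet above, the call would be checkOpenIdToken(response.Token, { identityPoolId, identityId: response.IdentityId }) between the two commands.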