aws-amplify
Error occurred awaiting for device token to register device with Pinpoint, Invalid identity pool configuration. Check assigned IAM roles for this pool.
Description
When running app both on Android and iOS I face this issue during the configureAmplify() method which is inside main():
Future<void> main() async {
final binding = WidgetsFlutterBinding.ensureInitialized();
await EasyLocalization.ensureInitialized();
configureDependencies();
await configureAmplify();
await _configureFirebase();
await fetchAuth();
runApp(....);
}
Future<void> configureAmplify() async {
try {
final auth = AmplifyAuthCognito();
final api = AmplifyAPI();
final pushPlugin = AmplifyPushNotificationsPinpoint();
await Amplify.addPlugin(auth);
await Amplify.addPlugin(api);
await Amplify.addPlugin(pushPlugin);
await Amplify.configure(amplifyconfig);
} on Exception catch (e) {
safePrint('An error occurred configuring Amplify: $e');
}
}
When I remove await Amplify.addPlugin(pushPlugin); I don't receive such error. I use existing resources, here is my amplifyconfig
{
"UserAgent": "aws-amplify-cli/2.0",
"Version": "1.0",
"api": {
"plugins": {
"awsAPIPlugin": {
"DevCubeAirApi": {
"endpointType": "GraphQL",
"endpoint": "<graphql-endpoint>",
"region": "us-east-2",
"authorizationType": "AMAZON_COGNITO_USER_POOLS"
}
}
}
},
"auth": {
"plugins": {
"awsCognitoAuthPlugin": {
"IdentityManager": {
"Default": {}
},
"CredentialsProvider": {
"CognitoIdentity": {
"Default": {
"PoolId": "us-east-2:<pool-id>",
"Region": "us-east-2"
}
}
},
"CognitoUserPool": {
"Default": {
"PoolId": "<pool-id>",
"AppClientId": "<app-client>",
"Region": "us-east-2"
}
},
"Auth": {
"Default": {
"authenticationFlowType": "USER_SRP_AUTH",
"OAuth": {
"WebDomain": "<web-domain>",
"AppClientId": "<app-client>",
"SignInRedirectURI": "myapp://",
"SignOutRedirectURI": "myapp://",
"Scopes": [
"phone",
"email",
"openid",
"profile",
"aws.cognito.signin.user.admin"
]
}
}
}
}
}
},
"notifications": {
"plugins": {
"awsPinpointPushNotificationsPlugin": {
"appId": "<pinpoint-app-id>",
"region": "us-east-2"
}
}
}
}
''';
Here is AWS cognito identity pool information :
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Federated": "cognito-identity.amazonaws.com"
},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringEquals": {
"cognito-identity.amazonaws.com:aud": "us-east-2:<pool-id>" // same as in the configuration file and cognito identity pool id
},
"ForAnyValue:StringLike": {
"cognito-identity.amazonaws.com:amr": "authenticated"
}
}
}
]
}
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"cognito-identity:GetCredentialsForIdentity",
"mobiletargeting:*",
"cognito-sync:*",
"cognito-identity:*"
],
"Resource": "*"
}
]
}
Categories
- [ ] Analytics
- [ ] API (REST)
- [ ] API (GraphQL)
- [ ] Auth
- [ ] Authenticator
- [ ] DataStore
- [X] Notifications (Push)
- [ ] Storage
Steps to Reproduce
Open the app -> run main() -> run configureAmplify() -> error appears
Screenshots
Platforms
- [X] iOS
- [X] Android
- [ ] Web
- [ ] macOS
- [ ] Windows
- [ ] Linux
Flutter Version
3.19.0
Amplify Flutter Version
1.8.0
Deployment Method
Amplify CLI + Custom Pipeline
Schema
No response
Hello @MishaPadalka thank you for submitting this issue. We will look into this and get back to you!
Hello @MishaPadalka after review our documentation for setting up push notification we found this excerpt:
Authorizing the app for analytics events is crucial for unauthenticated users, particularly if you intend to configure Amplify or send push notifications to your users before their authentication. If authorization is declined, please keep in mind that updating the Cognito user pool would become necessary, and any subsequent updates could potentially result in the deletion of the current user data.
Your role trust policy seems to be configured to authorization:
"cognito-identity.amazonaws.com:amr": "authenticated"
Could you please try updating you trust policy to "unauthenticated" and let us know if that resolves your issue.
Hello @tyllark I tried to update the trust policy to unauthenticated but it didn't help, the same error occurs. Maybe there is another option in which this error can occur? Also I wanted to add that during the first ran I receive this error :
, but after hot restart I receive this one
@MishaPadalka Sorry for the delay. Can you please verify the status of guest access in your identity.
AWS Console -> Cognito -> Identity pools -> Identity pool name -> User access -> Guest access
If guest access is inactive try activating it and verify again that the guest role's trust relationship is unauthenticated.
Hello @tyllark , sorry for the delay. Here is my screenshots, but I still have the same error
Hello @tyllark ! Could you please help me with this problem? (I've closed it by mistake, it is still valid)
Hello @MishaPadalka sorry for the delay, we are still looking into this issue. Your unauthenticated policy + trust entities look correct and I was unable to reproduce the issue when using them in my app. Could you please provide the following details:
- Your authenticated policy and trust entities.
- Are you experiencing this issue while authenticated (from a previous session) and/or while unauthenticated?
@MishaPadalka if you are still facing this issue can you please provide the info above? Thanks.
@MishaPadalka I am going to close this out since we have not heard back