amplify-category-api icon indicating copy to clipboard operation
amplify-category-api copied to clipboard

Published 20 hours ago verified publisher icon aws-amplify

Not Authorized Error When Using `allow.guest()` in Amplify Gen 2 Custom Query

Open mnai01 opened this issue 8 months ago • 2 comments

Environment information

System:
  OS: Windows 11 10.0.26100
  CPU: (16) x64 AMD Ryzen 9 6900HS Creator Edition
  Memory: 10.48 GB / 27.69 GB
Binaries:
  Node: 22.9.0 - C:\Program Files\nodejs\node.EXE
  Yarn: 4.1.1 - C:\Program Files\nodejs\yarn.CMD
  npm: 10.8.3 - C:\Program Files\nodejs\npm.CMD
  pnpm: undefined - undefined
NPM Packages:
  @aws-amplify/ai-constructs: 1.2.3
  @aws-amplify/auth-construct: 1.6.0
  @aws-amplify/backend: 1.14.1
  @aws-amplify/backend-ai: Not Found
  @aws-amplify/backend-auth: 1.5.0
  @aws-amplify/backend-cli: 1.4.10
  @aws-amplify/backend-data: 1.4.0
  @aws-amplify/backend-deployer: 1.1.17
  @aws-amplify/backend-function: 1.12.2
  @aws-amplify/backend-output-schemas: 1.4.0
  @aws-amplify/backend-output-storage: 1.1.4
  @aws-amplify/backend-secret: 1.1.6
  @aws-amplify/backend-storage: 1.2.4
  @aws-amplify/cli-core: 1.2.4
  @aws-amplify/client-config: 1.5.7
  @aws-amplify/data-construct: 1.14.8
  @aws-amplify/data-schema: 1.18.0
  @aws-amplify/deployed-backend-client: 1.5.0
  @aws-amplify/form-generator: 1.0.4
  @aws-amplify/model-generator: 1.0.12
  @aws-amplify/platform-core: 1.6.2
  @aws-amplify/plugin-types: 1.8.0
  @aws-amplify/sandbox: 1.2.11
  @aws-amplify/schema-generator: 1.2.7
  aws-amplify: 6.13.0
  aws-cdk: 2.1000.2
  aws-cdk-lib: 2.179.0
  typescript: 4.9.5
No AWS environment variables
No CDK environment variables

Data packages

└─┬ @browsian/[email protected] -> .\browsian-be
  ├─┬ @aws-amplify/[email protected]
  │ └─┬ @aws-amplify/[email protected]
  │   └── @aws-amplify/[email protected]
  └─┬ @aws-amplify/[email protected]
    └─┬ @aws-amplify/[email protected]
      └── @aws-amplify/[email protected]

Description

I am encountering a “Not Authorized to access **** on type Query” error while attempting to enable guest access (using allow.guest()) for a custom query in Amplify Gen 2. The same setup works correctly when I switch to allow.authenticated(), and everything functions as expected if the user is signed in. However, as soon as I revert to allowing guest access for the query (so that unauthenticated users can retrieve SubscriptionProduct and OneTimeProduct data), the API call consistently fails with the “Not Authorized” error. This issue persists despite closely following the Amplify documentation and properly configuring the custom types and query handler.

        SubscriptionProduct: a.customType({
            id: a.string(),
            name: a.string(),
            description: a.string()
        }),

        OneTimeProduct: a.customType({
            id: a.string(),
            name: a.string(),
            description: a.string(),
            price: a.float()
        }),

        GetProducts: a
            .query()
            .returns(
                a.customType({
                    subscriptionProducts: a.ref('SubscriptionProduct').array(),
                    oneTimeProducts: a.ref('OneTimeProduct').array(),
                })
            )
            .handler(a.handler.function(getProducts))
            .authorization((allow) => allow.guest()),

mnai01 avatar Feb 27 '25 04:02 mnai01