Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add missing cognito oauth scope (#7450)
For some reason, the hosted UI for both email and password and SSO, as well as the `Auth.federatedSignIn({provider: 'Google'})` call require the `aws.cognito.signin.user.admin` scope to be enabled to fetch and update user attributed. However, a call to `Auth.signIn(email, password)` does not. This is not well documented in AWS Cognito. # Important Notes `aws.cognito.signin.user.admin` gives you access to all Cognito User Pool APIs. Which federatedSignIn with google provider uses to get `currentUserInfo()` where we store optional `organizationId`. It does not provide any admin level access to other cognito or AWS parts.
- Loading branch information