"not verified" response - cognito #67

Open
JustinGuese opened this issue Jan 20, 2022 · 5 comments
@JustinGuese

JustinGuese commented Jan 20, 2022

Hi, maybe I am missing something obvious, but when authenticating using an auth token from cognito, the fastapi-cloudauth responds with 401 {"detail": "Not verified"}

This does not refer to the user I guess, as the user is email & phone verified, but does it refer to the domain (localhost, local dev)?
How would I test my app locally then?

I hope you can point me in the right direction, as this package would be awesome to use!

@tivaliy

tivaliy commented Jan 23, 2022

There are two types of token available in Cognito: IdToken and AccessToken. Make sure that you are using correct one.

@PsypherPunk

Can I check which of these is considered "correct"?

We've an API Gateway in front of an app. which uses fastapi-cloudauth and the Gateway seemingly accepts either. fastapi-cloudauth, however, seems only to accept the IdToken.

Not sure if I missed something in the docs as to why that would be or if it's configurable…?

@PsypherPunk

Ignore me: I RTFM'd a little harder and that first example finally clicked (AccessUser for the AccessToken; CognitoClaims for the IdToken.)
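
A debugging aid for the IdToken/AccessToken mix-up discussed above, added here as an example that is not part of any comment in this thread or of fastapi-cloudauth: it decodes a token's claims without verifying the signature and reports Cognito's `token_use` along with the app-client, issuer and expiry claims a verifier checks. The tokens, issuer and client ID are constructed sample values, and `jwt_claims`, `diagnose` and `fake_token` are hypothetical helper names.

```python
import base64
import json
import time


def jwt_claims(token):
    """Decode the JWT payload WITHOUT verifying the signature (debugging only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def diagnose(token, client_id, issuer, now=None):
    """Report which Cognito token type this is and which claims do not line up."""
    claims = jwt_claims(token)
    now = time.time() if now is None else now
    kind = claims.get("token_use")  # Cognito sets this to "id" or "access"
    problems = []
    if kind == "id":
        # ID tokens carry the app client ID in `aud`.
        if claims.get("aud") != client_id:
            problems.append("aud does not match client_id")
    elif kind == "access":
        # Access tokens have no `aud`; the app client ID is in `client_id`.
        if claims.get("client_id") != client_id:
            problems.append("client_id claim does not match client_id")
    else:
        problems.append(f"unexpected token_use: {kind!r}")
    if claims.get("iss") != issuer:
        problems.append("iss does not match the user pool")
    if claims.get("exp", 0) <= now:
        problems.append("token expired")
    return {"token_use": kind, "problems": problems}


def fake_token(claims):
    """Build an unsigned sample token (constructed data, not a real Cognito token)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256'})}.{enc(claims)}.c2ln"


# Constructed sample values: placeholder pool, client ID and subject.
ISSUER = "https://cognito-idp.eu-west-1.amazonaws.com/eu-west-1_EXAMPLE"
CLIENT = "exampleclientid"
ID_TOKEN = fake_token({"token_use": "id", "aud": CLIENT, "iss": ISSUER, "exp": 2000, "sub": "u1"})
ACCESS_TOKEN = fake_token({"token_use": "access", "client_id": CLIENT, "iss": ISSUER, "exp": 2000, "sub": "u1"})
```

Going by the comment above, a token that reports `access` belongs with the README's `AccessUser` dependency and one that reports `id` with `CognitoClaims`.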

@JLongley

JLongley commented Aug 4, 2023

I've implemented the code exactly as listed in the documentation for get_current_user, but regardless of whether I pass the idToken or accessToken I still receive {detail: 'Not verified'}.

@PsypherPunk

@JLongley, can I check how you're getting the tokens? And how you're forming the requests?

I've just copy/pasted the example from the README and it's seemingly working for both ID and Access tokens.
