'AWS boto3 Cognito Invalid Access Token Error

I have a Python lambda function processing an API request from a user to change their password. The API for change_password is as follows

response = client.change_password(
    PreviousPassword='string',
    ProposedPassword='string',
    AccessToken='string'
)

My question is what should I use to populate the AccessToken? I have tried the user's token obtained at login (and passed in the event). I have tried the assumed role's credentials:

    session = boto3.Session()
    credentials = session.get_credentials()
    accessKey = credentials.access_key

Unfortunately neither work. Thanks!

boto3amazon-cognito


Solution 1:[1]

OK - in order to help anyone else as dumb as me... I was using the Cognito IdToken not the AccessToken (as is clearly stated in the docs - RTFM). Not sure I really understand when to use each one, but using the AccessToken generated by cognito.initiate_auth() (i.e. login) works just fine!

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 redPanda

Related Questions

IAM Role + Boto3 + Docker container

how can i get Organization names for the fetched aws organizations for a parent id?

The security token included in the request is expired

Retrieving subfolders names in S3 bucket from boto3

Exclude headers from s3v4 signature calculation

Download a folder from S3 using Boto3

How to use boto3 (or other Python) to list the contents of a _RequesterPays_ S3 bucket?

Why is AWS telling me BucketAlreadyExists when it doesn't?

How to use Boto3 pagination

DiskSpaceUtilization metrics for EC2 instance in python boto script showing empty response

Error "Read-only file system" in AWS Lambda when downloading a file from S3

How to download everything in that folder using boto3

Calculate the size of all files in a bucket S3

S3 Ninja endpoint throws could not connect error when using Boto3 S3 resource

Is there a way to restart an Replication Task in DMS without recreating the task itself?