This generates the secret hash for AWS Cognito so that you can authenticate against AWS Cognito via the Auth Flow: USER_PASSWORD_AUTH and obtain an Authentication Result back with bearer access, id, and refresh tokens.
This is useful in API tools like Postman, Insomnia, Paw, RapidAPI, curl, etc to authenticate a request as a user.
All you need is a modern version of node on your system with npx available.
Run the following in your terminal and the script will prompt you for inputs. The prompting helps prevent storing secrets in the command history.
npx github:uptech/node-aws-cognito-secret-hash-generatorOnce you get your secret hash, you can get auth tokens from AWS Cognito like so:
- Replace the
xxxsections below to your information. - The secret has will not change as long as your inputs do not change.
This uses the Auth Flow: User Password Auth to obtain authorization bearer tokens from AWS Cognito.
curl -X "POST" "https://cognito-idp.us-west-2.amazonaws.com/" \
-H 'X-Amz-Target: AWSCognitoIdentityProviderService.InitiateAuth' \
-H 'Content-Type: application/x-amz-json-1.1' \
-d $'{
"AuthFlow": "USER_PASSWORD_AUTH",
"AuthParameters": {
"USERNAME": "xxx"
"PASSWORD": "xxx",
"SECRET_HASH": "xxx",
},
"ClientId": "xxx"
}'Inspired by: