Error when upgrading to 3.0.11 version with AWSAppSyncRealTimeProvider and cognito identity pool

[SebSchwartz]

Describe the bug
Hi guys,
We updated aws-amplify lib from 2.2.7 to 3.0.11 and since, we cannot make any graphql request (from datastore or graphql api).
Here is the error we are receiving now:
[WARN] 57:00.206 AWSAppSyncRealTimeProvider - ensure credentials error No Cognito Identity pool provided for unauthenticated access.
Uncaught (in promise) Error: No credentials
at AWSAppSyncRealTimeProvider. (AWSAppSyncRealTimeProvider.js:1248)
at step (AWSAppSyncRealTimeProvider.js:169)
at Object.next (AWSAppSyncRealTimeProvider.js:99)
at fulfilled (AWSAppSyncRealTimeProvider.js:53)

We didn't change any config when going to newer version. User can still login and we are receiving accessToken and idToken. When we are rolling back to older version, everything is working again.
Does anyone has a clue on where to check or what could be wrong?

(We are not using AWS.config or AWS.credentials in the frontend app at all).

To Reproduce
Here is our auth config on entities:

type House
  @model
  @auth(
    rules: [
      { allow: groups, groupsField: "clientId" }
      { allow: private, provider: iam, operations: [read, create, update] }
    ]
  ) {
  id: ID!
  name: String!
...
  clientId: ID!
}

Problems occurs when we have signed in the user. On all grapqh request we have this error (from DataStore or from GraphQL API methods).
Our amplify init:

Amplify.configure(awsExports)

Our login method:

Auth.signIn(email, password)

The user is well logged in, we are receiving him via Hub with all good params and his accessToken/idToken are ok.

Expected behavior
To be able to update to newer version

What is Configured?
If applicable, please provide what is configured for Amplify CLI:

• Which resources do you have configured?
  • If applicable, please provide your aws-exports file:

   "aws_project_region": "eu-west-1",
   "aws_cognito_identity_pool_id": "eu-west-1:xxx",
   "aws_cognito_region": "eu-west-1",
   "aws_user_pools_id": "eu-west-1_xxx",
   "aws_user_pools_web_client_id": "xxxx",
   "oauth": {
       "domain": "xxxx-dev.auth.eu-west-1.amazoncognito.com",
       "scope": [
           "phone",
           "email",
           "openid",
           "profile",
           "aws.cognito.signin.user.admin"
       ],
       "redirectSignIn": "https://fddsfdfdf.com/",
       "redirectSignOut": "https://ddfdfdf.com/",
       "responseType": "code"
   },
   "federationTarget": "COGNITO_USER_AND_IDENTITY_POOLS",
   "aws_content_delivery_bucket": "xxxx-hostingbucket-dev",
   "aws_content_delivery_bucket_region": "eu-west-1",
   "aws_content_delivery_url": "https://xxxxx.cloudfront.net",
   "aws_user_files_s3_bucket": "xxxxx-dev",
   "aws_user_files_s3_bucket_region": "eu-west-1",
   "aws_appsync_graphqlEndpoint": "https://xxxxx.appsync-api.eu-west-1.amazonaws.com/graphql",
   "aws_appsync_region": "eu-west-1",
   "aws_appsync_authenticationType": "AMAZON_COGNITO_USER_POOLS" };
  

[pixelsailor]

Experiencing similar issues. I've tried every combination of api+auth that I can think of but get either "[WARN] 15:02.260 GraphQLAPI - ensure credentials error No Cognito Identity pool provided for unauthenticated access" which then results in a "No credentials" error OR I get an error of "undefined" when accessing my API with an authenticated Cognito user. These errors are despite that I have unauthenticated access enabled on my id pool.

My intent is to use IAM so I can provide public access to the API but am now unable to do so.

This was working fine last week but I haven't been able to roll back to an older version. When doing so I get errors with Amplify - likely due to deleting the project and starting over several times.

[manueliglesias]

Hi @SebSchwartz , @pixelsailor

Could you first try removing your node_modules directory, your yarn.lock or package-lock.json and re-running yarn install or npm install?

[pixelsailor]

Hi @SebSchwartz , @pixelsailor

Could you first try removing your node_modules directory, your yarn.lock or package-lock.json and re-running yarn install or npm install?

Already tried when I initially reverted to an earlier version than back to 3.0.11

[pixelsailor]

I seem to have a working app again for my use case. I created a new test app using IAM for API auth and noticed the error handler was returning errors for null keys. Used a create migration to create an entry with the API to create the missing, autogenerated underscore fields and got back clean results with no errors. Then went back to my dynamodb tables for my original app and added those fields to the tables (__typename, _lastChangedAt, _version) and now get good results again for that app as well.

I have not tried using the API with Cognito auth again so I may be bypassing the identity pool error. My use-case requires public, unauthenticated read access so I'm using public IAM auth to accomplish that.

Curious why it worked prior without those fields and broke suddenly. Constantly, destroying my Amplify app and recreating it certainly didn't help and just contributed to the problem since if I did have a good DB at one point it would have been destroyed in the process and then replaced with an erroneous one. Note that I was previously adding items to DynamoDB via the AWS console and not using Amplify API. If these fields are expected by the generated API it would be extremely helpful to have them noted in the docs or have them auto created by DynamoDB when adding items by hand.

[manueliglesias]

Thanks @pixelsailor

Looks like two different issues got mixed in this one, correct me if I am wrong, but your issue is not related to the error message AWSAppSyncRealTimeProvider - ensure credentials error, but to the fields Sync-enabled (DataStore enabled) apis require (_version, _deleted, _lastChangedAt)

If these fields are expected by the generated API it would be extremely helpful to have them noted in the docs or have them auto created by DynamoDB when adding items by hand.

Thank you for the suggestion, we'll look into making mention of this in the docs

[manueliglesias]

@SebSchwartz

When we are rolling back to older version, everything is working again. Does anyone has a clue on where to check or what could be wrong?

We've seen similar issues on v2 -> v3 upgrades, and sometimes it had to do with lockfiles. Can you remove your node_modules and lockfiles and try with the latest versions?

[SebSchwartz]

@manueliglesias It's ok with the delete of node_modules and lockfiles ;)

Thanks for help

[rhythmone]

Wonder if this should be reopened. I had this issue when moving to a new machine; everything that used to be working was not and returning a 'No Cognito Identity pool provided for unauthenticated access'. I ended up moving the lock file and the node_modules over from previous machine and now it works again

[igorkosta]

Guys, how can you close an issue without identifying a root cause. More often than not AWS Amplify is a pure frustration.

[amlcodes]

nothing helping me here. Have forced cache clean, deleted package-lock.json and installed again, tried reverting back to previous version before i updated, nothing helping

[dsws]

I can confirm that deleting the package-lock and re-installing node_modules did fix this. If you have ReactNative don't forget to do pod install or whatever you use.

[TheMoums]

Make sure that you have one and only one version of each amplify service in your yarn.lock or package-lock.json.
Having multiple versions of the same service is what caused the problem in my project.
This can happen if

• You are using the aws-amplify package and aws-amplify/datastore, aws-amplify/api,.. packages.
  Use the aws-amplify package OR the specific ones but never mix them.

• You are working in a monorepo project where you have different versions of amplify services for different purposes (mobile, web, ..) but in the same lockfile. In that case, you must make sure that there are no version discrepancies between your packages and keep only one version.

Once you are sure that you have one and only one version of each amplify service in your lockfile, just do as above -> delete your node_modules and reinstall them.

[github-actions]

This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels or Discussions for those types of questions.