php - MissingAuthenticationTokenException ("Missing Authentication Token") from CognitoIdentityProviderClient::adminCreateUser()

问题描述

I have a working implementation of the AWS PHP SDK. Operations like $client->getUser() are working, but $client->adminCreateUser() and others are not working.

When I call $client->adminCreateUser([...]), it results in:

Error executing "AdminCreateUser" on "https://cognito-idp.ap-southeast-2.amazonaws.com"; AWS HTTP error: Client error: `POST https://cognito-idp.ap-southeast-2.amazonaws.com` resulted in a `400 Bad Request` response:
{"__type":"MissingAuthenticationTokenException","message":"Missing Authentication Token"}
 MissingAuthenticationTokenException (client): Missing Authentication Token - {"__type":"MissingAuthenticationTokenException","message":"Missing Authentication Token"}

Line 191 in /var/www/project/vendor/aws/aws-sdk-php/src/WrappedHttpHandler.php

Similar services evoked from CLI (e.g cognito-idp admin-create-user) with the exact same credentials are working.

What is causing this?

Example Details

My environment:

• Ubuntu 18.04
• Apache 2.4.29
• PHP 7.3
• aws/aws-sdk-php 3.92.3

.aws/credentials

[default]
aws_access_key_id=XXXX
aws_secret_access_key=XXXX

I am using my developer credentials

Example code:

$client = new CognitoIdentityProviderClient([
    'version' => 'latest',
    'region' => 'ap-southeast-2',
    'credentials' => false, // Set to false to allow roles provisioned to our EC2 instances
]);

$result = $client->adminCreateUser([
    'DesiredDeliveryMediums' => ['Email'],
    'MessageAction' => 'RESEND',
    'TemporaryPassword' => 'TemporaryPassword1234',
    'UserAttributes' => [
        ['Name' => 'email', 'Value' => 'mailbox@domain.tld'],
    ],
    'UserPoolId' => 'ap-southeast-2_XXXX',
    'Username' => 'mailbox@domain.tld',
]);

标签： phpamazon-web-servicesaws-sdkamazon-cognito