I have a Cognito Setup which has SMS MFA enabled. Cognito user pool, SNS, PinPoint all are in Singapore region. When I add the origination number there are not many options which have SMS Enabled so I could only choose either US or Canada.
In both cases "Send Test Message" works fine while Message through Cognito as part of MFA fails with ""providerResponse": "Unknown error attempting to reach phone".
I have tried programatically as well and it works fine.
Apart from the CloudWatch logs there is no other way to debug the error.
Please help if some one has faced and resolved such issue.
I found the solution: There are two separate spending limits to be set.
Pinpoint
SNS
For me Pinpoint was set but SNS was not correctly set. It all worked after increasing spending limit for SNS.
This article was useful: https://aws.amazon.com/premiumsupport/knowledge-center/cognito-troubleshoot-mfa-sms-delivery/
Related
I am trying to enroll a user on my Moodle site via using the Moodle API.
My Moodle instance is hosted on AWS and all relevant ports are open and listening. So, from the network perspective, I can commit that is all ok.
The steps I have already done based on Moodle Documentation:
I have enabled web services on Administration > Mobile app >Mobile settings
I have gone through the 10 steps on the overview of allowing an external system to control Moodle as explained in the documentation (shown also in this Youtube video)
For testing purposes, I am using Postman. Some requests are going through (e.g. getting the token for a certain user, getting the list of all courses, etc.)
Example:
But when I try to i.e. create a user or enroll a user in an existing course I am getting this error:
{
"exception": "webservice_access_exception",
"errorcode": "accessexception",
"message": "Access control exception"
}
The way I am trying to i.e. create the user is as follows:
In the body section I am sending the following data:
users[0][username]
users[0][email]
users[0][lastname]
users[0][firstname]
users[0][password]
Based on my research, most of the contributors suggested enabling web services, but as mentioned above I have enabled them but the problem persists.
Can someone help me solve the issue here or maybe suggest a way of debugging it?
Fortunately, I managed to solve the issue for both user creation and user enrollment.
Here is a great guide that helped me. In addition, you need to add some additional functions to the web service (roles wary based on what you want to do in Moodle) and also you need to alter the permissions of the new user (again depending on what you want to do)...
I just started to learn about Google Analytics Embed API from "https://developers.google.com/analytics/devguides/reporting/embed/v1/getting-started"
I followed their example, and deployed my HTML file onto local Tomcat server hosting at port 8080. I've added everything they mentioned including the whitelists for the host origin etc, provided my OAuth 2.0 key
when I hit my HTML page and logged in with google, I keep on getting 403 error when requesting for "https://content.googleapis.com/analytics/v3/management/accountSummaries?max-results=0&_src=embed-api%3Av1"
Anybody has any suggestions where I might have gone wrong?
p.s. the only thing I see on my page after login with Google is "You are logged in as: ***********#gmail.com"
Thanks,
Shen
Upon checking your link, I can see that the error code is 401. Regarding that error, you can check this SO thread.
I think you need to set up a service account as advised in answer.
By setting up a service account in Google apis console it will
allow you to access your own data with out needing to login and
autenticate the code all the time.
I’ve followed this tutorial https://apiai-aws-heroku-nodejs-bots.blogspot.co.uk/2017/07/steps-for-apiai-and-google-account.html but when I go and grab by debugging URL which happens to be https://assistant.google.com/services/auth/handoffs/auth/start?provider=allergology-5fa9c_dev&scopes=https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo.profile+https://www.googleapis.com/auth/admin.directory.resource.calendar&return_url=https://www.google.com/ and paste it into a new window I get Error 500 but no explanation.
I also tried from an incognito window. It does ask for my email and password but then returns the same error.
I’ve used Implicit Grant Type and I don’t have Add quick account linking enabled please ket me know if that’s not right?
When I try the CURL URL I get the message {“status”:{“code”:401,“errorType”:“unauthorized”,“errorDetails”:“Authentication parameters missing”}}
UPDATE - now when I try the basic Talk to Allergology action on the simulator I don’t even get the debug info anymore, but the message “Sorry this action is not available in simulation” :frowning:
Could you please help?
thanks
Morena
I've managed to work out what I need to do by following this answer How to authenticate user with just a Google account on Actions on Google?
In my case - Configure your project (in the cloud console) so that the Calendar API is enabled and that the OAuth2 client is correctly configured.
I also switched from Implicit Grant Type to Authorisation Code.
My app is almost working, I am now having other issues, but at some point the Access Token was coming through with the request.
Since about 1 week ago I'm getting consistently 500. That’s an error from accounts.google.com side when trying to authenticate with Google.
The first request to
https://accounts.google.com/o/oauth2/auth?scope=openid%20email%20https://adwords.google.com/api/adwords/%20https://www.googleapis.com/auth/drive%20https://spreadsheets.google.com/feeds%20https://docs.google.com/feeds&response_type=token&redirect_uri=https://<XXXXXX>/&state=<XXXX>2&client_id=<MY_CLIENT_NUMBER>.apps.googleusercontent.com&hd=
returns 200, but then the second request to
https://accounts.google.com/signin/oauth?hd&client_id=<app_id>.apps.googleusercontent.com&as=-XXXXXX&nosignup=1&destination=https://<my_app_uri>&approval_state=<somewhatrandomstate>&xsrfsig=<signature>
almost always fails with 500.
I'm using Java Google API client version 1.22.0 and my application is deployed on AWS (region eu-central-1). I'm currently signed in to multiple google accounts, so Account Chooser is triggered.
Any ideas what could be the problem? This auth flow worked fine for long time before then.
The problem was a very slight change of behavior on Google side. Mainly handling hd parameter. Before this change hd parameter was accepted even empty, but now when it's empty it usually ends up with status code 500.
When I am trying to send the email via amazon I'm getting the following error:
554 Message rejected: Sending suspended for this account. For more information, please check the inbox of the email address associated with your AWS account.
It happened a couple of days ago, with the endpoint eu-west-1. What can be wrong?
This seems pretty straightforward.
Sending suspended for this account.
You have been administratively blocked from sending email...
For more information, please check the inbox of the email address associated with your AWS account.
...and AWS has sent you a message about it, which should contain an explanation.
This is not a technical problem you can troubleshoot. You have apparently, whether intentionally or unintentionally, triggered a disruption of your service because of an excessive bounce or complaint rate or another apparent policy violation, or perhaps a billing issue.
You'll need to address this with AWS support.