Twitter LogoFacebook Logo
Sign In Lambda
Create the lambda for signing in.
By: King

Hello, in this tutorial, we’ll continue to build the Login System using Amazon Cognito, API Gateway, Lambda Function, and the HTTP Requests for Blueprints plugin. 

In the last tutorial, we created another lambda function to confirm the account using the confirmation code received. 

Now, we’ll create the lambda for signing in

Creating the lambda

Login to your AWS Console and search for Lambda in the search bar. 

Click on Lambda in the menu.

Create a new function. Give the lambda a name like SignIn. Then set the Runtime to Node.js and click “Create function” to complete the process.

Now open the AWS SDK documentation for Cognito Identity Provider. Search for InitiateAuth and hit enter a couple of times. 

You should see the link to the command. Click on it.

Copy the import statement and paste it inside the Lambda function.

import { CognitoIdentityProviderClient, InitiateAuthCommand } from "@aws-sdk/client-cognito-identity-provider";

Now go back to the documentation, and copy the rest.

const client = new CognitoIdentityProviderClient(config);
const input = { // InitiateAuthRequest
  AuthParameters: { // AuthParametersType
    "<keys>": "STRING_VALUE",
  ClientMetadata: { // ClientMetadataType
    "<keys>": "STRING_VALUE",
  ClientId: "STRING_VALUE", // required
  AnalyticsMetadata: { // AnalyticsMetadataType
    AnalyticsEndpointId: "STRING_VALUE",
  UserContextData: { // UserContextDataType
    IpAddress: "STRING_VALUE",
    EncodedData: "STRING_VALUE",
const command = new InitiateAuthCommand(input);
const response = await client.send(command);

Paste the whole thing in the handler function. 

For the client, replace config with a pair of curly brackets and put region, colon, and the region you are in.

const client = new CognitoIdentityProviderClient({region: "us-east-1"});

Now delete everything in the input except for the required ones.

const input = { // InitiateAuthRequest


  AuthParameters: { // AuthParametersType
    "<keys>": "STRING_VALUE",

  ClientId: "STRING_VALUE", // required

For the AuthFlow, use USER_PASSWORD_AUTH, since that is what we defined in the Cognito User pool.


In the AuthParameters, we need to pass in the username and password for the account we’re trying to sign in with.

Put USERNAME for the key, then use event, square brackets, and "username for the value. We need to do the same for the PASSWORD.

AuthParameters: { 
    "USERNAME": event["username"],
    "PASSWORD": event["password"],

The ClientId is for a Cognito User pool app client id. 

To get it for the one that was created earlier, search for Cognito in the search bar at the top. 

Right click on it in the menu and open in a new tab. 

Select the User pool. Go to App integration and scroll down to the App clients section. 

Select the app client and use the client id in the lambda function. 

Save the code and deploy it. 


To test this, click on the arrow next to the Test button and select Configure test event

Image from

Give the event a name like LoginTest

Then edit the JSON by setting the first property to username, followed by the email that was used when you created the account. 

For the next property, replace it with password and use the password you used for the account.

If you get a 200 response with the access and id token, you successfully logged in.

That’s all for this tutorial. In the next tutorial, we’ll use API Gateway and create our own API to execute these lambdas in Unreal Engine.

Sign In