Secure Our Serverless APIs

Link to chapter —

How can I see a list of users that I have created in my Cognito User Pool?

I am following along with this guide and everything is working beautifully. I am about to start working on the React front end, but I wanted to see a list of users that I created based on this chapter and I cannot figure out how to do it.

I created the user shown in the guide for “” and it worked fine. I then created another one for “” and it worked as well. Now, I want to see a list of users that I have created, which should show these two.

However, everything I try just shows me my IAM user in Cognito (CLISST). I cannot find any command to run at the command line that would list these users, and when I login to my AWS account in a browser, I cannot find them there either. Strangely, my AWS account even says that I do not have any Cognito User Pools or Cognito Identity Pools, even though I successfully created both per this guide.

Now … I am totally confused by Discourse and have no idea if I am posting this question correctly or in the right place. Please tell me if I am doing any of this incorrectly.

Thanks in advance …

Ok I figured out a command line that I can run to give me this list, but I still cannot figure out how to see all of this by logging into my AWS console for some reason.

Here is the command:

aws cognito-idp list-users --region [enter region here] --user-pool-id [enter user pool id here] --limit 20

When testing the code, I get the following back:

Authenticating with User Pool
Getting temporary credentials
Making API request
  status: 404,
  statusText: 'Not Found',
  data: { message: 'Not Found' }

I have finished each lesson up to that point with all tests working so I am at a loss as to why I get this result.


Hmm this sounds like the API path is incorrect? Can you double check that?

Using the aws-api-gateway-cli-test with Windows (within Powershell, within VSCode), I’ve an exception.

From the book:

npx aws-api-gateway-cli-test --username --password Passw0rd! --user-pool-id USER_POOL_ID --app-client-id USER_POOL_CLIENT_ID --cognito-region COGNITO_REGION --identity-pool-id IDENTITY_POOL_ID --invoke-url API_ENDPOINT --api-gateway-region API_REGION --path-template /notes --method POST --body "{\"content\":\"hello world\",\"attachment\":\"hello.jpg\"}"

(with the correct values of my server, of course)


npx : 113 installé(s) en 22.981s
Authenticating with User Pool
Getting temporary credentials
Making API request

SyntaxError: Unexpected token \ in JSON at position 1
    at JSON.parse (<anonymous>)
    at makeRequest (C:\Users\john\AppData\Roaming\npm-cache\_npx\17040\node_modules\aws-api-gateway-cli-test\index.js:179:17)
    at C:\Users\john\AppData\Roaming\npm-cache\_npx\17040\node_modules\aws-api-gateway-cli-test\index.js:152:5
    at C:\Users\john\AppData\Roaming\npm-cache\_npx\17040\node_modules\aws-api-gateway-cli-test\node_modules\aws-sdk\lib\credentials.js:124:23
    at C:\Users\john\AppData\Roaming\npm-cache\_npx\17040\node_modules\aws-api-gateway-cli-test\node_modules\aws-sdk\lib\credentials.js:212:15
    at processTicksAndRejections (internal/process/task_queues.js:77:11)

Or more concisely:

SyntaxError: Unexpected token \ in JSON at position 1

It comes from the body string:

--body "{\"content\":\"hello world3\",\"attachment\":\"hello3.jpg\"}"

I’ve tried different versions such as:

--body "{'content':'hello world3','attachment':'hello3.jpg'}"

which triggers another error.

Any idea of a correct string?
Many thanks.

1 Like

Looks like I figured it out through trial and error - not sure why exactly, but it works if I use these two parameters like this:

--invoke-url='' \
--path-template='notes' \

The --path-template that is in your instructions had a slash in front of the word “notes”. Moving that slash at the end of the --invoke-url made it work.

Hopefully this helps someone else.


Going through the SST tutorial and successfully ran the cognito-idp sign-up and it created the user.

Ran cognito-idp admin-confirm-sign-up and it returned the error An error occurred (UserNotFoundException) when calling the AdminConfirmSignUp operation: User does not exist.

Checked the account in AWS and the email has a comma appended to it. Edited the email in AWS and cognito-idp admin-confirm-sign-up correctly changed the state to Confirmed.

I cannot account for why the trailing comma is added to the account email when running cognito-idp sign-up

I also had this issue on Windows, and I don’t have a real fix but I found a workaround.

I’m using VSCode and using their integrated terminal to run all of my command line stuff. In Windows, this terminal appears to default to PowerShell.

I switched the terminal to cmd and it worked.