how tro create a user by admin when using only userpool

[einaradolfsen]

We are not using any federated identity.

I need to use adminCreateUser to be able to register new users from my app. In order to do so I need credentials.

How can I get credentials in my case?

[einaradolfsen]

I can set my AWS.config object

`function registerUser(user) {
AWS.config.credentials = new AWS.Credentials(adminConfig.accessKeyId, adminConfig.secretAccessKey);
AWS.config.region = 'eu-west-2';

let client = new AWS.CognitoIdentityServiceProvider();
let attributes = setAtributes(user);
let params = {
UserPoolId: AWSConfig.UserPoolId, /* required /
Username: user.userName, / required */
DesiredDeliveryMediums: ['EMAIL'],
ForceAliasCreation: false,
TemporaryPassword: 'password',
UserAttributes: attributes
};

client.adminCreateUser(params, function(err, data){
if (err) alert(err);
else console.log(data);
});
}`

Should I be conserned by loading credentials from a json into the browser?

[itrestian]

Yes, you should. AdminCreateUser is meant to work in a secure server environment hence why it requires developer credentials.

[einaradolfsen]

I see.
It seams that getting credentials using CognitoIdentityCredentials or assumeRoleWithWebIdentity is used in case of using Federated Identity Providers.
Since we are not using federation identity providers, how can I work with AdminCreateUser in the browser?

[itrestian]

I mentioned that using AdminCreateUser in the browser is not recommended, mainly because it requires AWS credentials.

[einaradolfsen]

What I ment was, is there a way to add new users to the user pool in the browser?
Let's say you have a userpool user belonging to a admin group and login using amazon-cognito-identiy-js sdk. Can this user create new users through amazon-cognito-identiy-js using the id token?

[itrestian]

Technically possible. Not entirely sure I would recommend doing that form the browser but I would need to think more about it.

[einaradolfsen]

ok, thank you :)