
AWS - Cognito Authentication - Curl Call - Generate Token Without CLI - No Client Secret


You can authenticate a user with the following request. This is the endpoint of the InitiateAuth request.

Hope that this is useful for you

Method: POST
Endpoint: https://cognito-idp.{REGION}.amazonaws.com/
Content-Type: application/x-amz-json-1.1
X-Amz-Target: AWSCognitoIdentityProviderService.InitiateAuth
Body:

    {
        "AuthParameters" : {
            "USERNAME" : "YOUR_USERNAME",
            "PASSWORD" : "YOUR_PASSWORD"
        },
        "AuthFlow" : "USER_PASSWORD_AUTH",
        "ClientId" : "APP_CLIENT_ID"
    }

You don't have to change "AuthFlow" if you are using password auth.

The response looks like the following:

    {
        "AuthenticationResult": {
            "AccessToken": "YOUR_ACCESS_TOKEN",
            "ExpiresIn": 3600,
            "IdToken": "YOUR_ID_TOKEN",
            "RefreshToken": "YOUR_REFRESH_TOKEN",
            "TokenType": "Bearer"
        },
        "ChallengeParameters": {}
    }


Here is the direct curl command, which may be helpful to anyone:

    curl -X POST --data @user-data.json \
      -H 'X-Amz-Target: AWSCognitoIdentityProviderService.InitiateAuth' \
      -H 'Content-Type: application/x-amz-json-1.1' \
      https://cognito-idp.<just-replace-region>.amazonaws.com/

The JSON file user-data.json:

{"AuthParameters" : {"USERNAME" : "sadfsf", "PASSWORD" : "password"}, "AuthFlow" : "USER_PASSWORD_AUTH", "ClientId" : "csdfhripnv7sq027kktf75"}

Make sure your app client does not have an app secret, or create a new app client without a secret. Also enable USER_PASSWORD_AUTH inside the app client.
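The same InitiateAuth call as a small script, added here as an example that is not part of the original post. It builds the request with proper JSON escaping, prompts for the password instead of storing it in a file, and separates the three outcomes a caller has to handle: tokens, a challenge (a `ChallengeName` in the response instead of tokens), and an error body (identified by its `__type` field). The function names and the `MalformedResponse` label are assumptions made for this example.

```python
import json
import urllib.error
import urllib.request

TARGET = "AWSCognitoIdentityProviderService.InitiateAuth"

def build_request(region, client_id, username, password):
    """Build the same POST the curl command sends; json.dumps handles escaping."""
    body = {
        "AuthFlow": "USER_PASSWORD_AUTH",
        "ClientId": client_id,
        "AuthParameters": {"USERNAME": username, "PASSWORD": password},
    }
    return urllib.request.Request(
        f"https://cognito-idp.{region}.amazonaws.com/",
        data=json.dumps(body).encode("utf-8"),
        headers={"Content-Type": "application/x-amz-json-1.1", "X-Amz-Target": TARGET},
        method="POST",
    )

def classify_response(raw):
    """Return (kind, detail) where kind is 'tokens', 'challenge' or 'error'."""
    doc = json.loads(raw)
    if "__type" in doc:  # error bodies carry the exception name in __type
        return "error", {"type": doc["__type"], "message": doc.get("message", "")}
    if doc.get("ChallengeName"):  # e.g. a forced password change or an MFA step
        return "challenge", {"name": doc["ChallengeName"], "session": doc.get("Session")}
    result = doc.get("AuthenticationResult") or {}
    missing = [k for k in ("AccessToken", "IdToken") if not result.get(k)]
    if missing:  # label below is this example's own, not a Cognito exception name
        return "error", {"type": "MalformedResponse", "message": f"missing {missing}"}
    return "tokens", result

def initiate_auth(region, client_id, username, password, timeout=10):
    """Send the request; a failed login comes back as an HTTP error with a JSON body."""
    req = build_request(region, client_id, username, password)
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return classify_response(resp.read())
    except urllib.error.HTTPError as err:
        return classify_response(err.read())

if __name__ == "__main__":
    import getpass  # prompt so the password never lands in argv or shell history
    kind, detail = initiate_auth(input("Region: "), input("Client ID: "),
                                 input("Username: "), getpass.getpass())
    # Tokens are bearer credentials: print one non-secret field per outcome.
    field = {"tokens": "ExpiresIn", "challenge": "name", "error": "type"}[kind]
    print(kind, detail.get(field))
```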