❌ Error creating apiKey/secretKey for relayer using relayerClient

Support Defender
1

:computer: Environment

  • Windows
  • Node v16.14.2
  • defender-autotask-client - 1.34.0
  • defender-relay-client - 1.34.0

:memo:Details

When executing

let relayerApiKey = await relayClient.createKey(relayerId);

I get the next error

� Error creating relayer secret key
DefenderApiResponseError: Request failed with status code 500
    at rejectWithDefenderApiError (C:\blockchain\reinvestor\node_modules\defender-base-client\lib\api\api.js:11:27)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
    at async C:\blockchain\reinvestor\node_modules\defender-relay-client\lib\api\index.js:56:20
    at async RelayClient.apiCall (C:\blockchain\reinvestor\node_modules\defender-base-client\lib\api\client.js:25:20)
    at async createReinvestorRelayer (C:\blockchain\reinvestor\services\strategies\reinvestor\autotask.js:152:27)
    at async Object.exports.handler (C:\blockchain\reinvestor\services\strategies\reinvestor\index.js:66:19) {
  request: {
    path: '/relayer/relayers/2c4ff3d3-57fb-42bf-aadc-3395dddda7a4/keys',
    method: 'POST'
  },
  response: {
    status: 500,
    statusText: 'Internal Server Error',
    data: {
      message: 'User: arn:aws:sts::665768922667:assumed-role/defender-api-api-relayer-key-management-role/defender-api-api-relayer-api-key-create is not authorized to perform: cognito-idp:AdminCreateUser on resource: arn:aws:cognito-idp:us-west-2:665768922667:userpool/us-west-2_iLmIggsiy because no identity-based policy allows the cognito-idp:AdminCreateUser action'
    }
  }
}

:1234: Code to reproduce

When I try to get the credentials for first time I get an [] empty array:

  const relayClient = new RelayClient(credentials);
  const relayerCrendetials = await relayClient.listKeys(relayerId);
  let relayerCredentialsResponse = relayerCrendetials.find(
    (relayer) => relayer.relayerId === relayerId
  );

However, the second time. I get an output but without the secret key:

{
  apiKey: '****************',
  createdAt: '****************',
  relayerId: '****************',
  keyId: '****************'
}

And in the UI I can see that the relayer was created:

image
image1371×834 29.9 KB

It's like as if the apiKey is correctly created but when doing the creation of the secretKey from the client library something wrong happens in the repository.

I realised that once this error occurs, not even from the UI you can create successfully a secretKey. You can create an apiKey but the secretKey is simply not associated.

Thanks in advance for your help.

Best regards,
Pedro Reyes.

2

Hi Pedro

Thanks for reporting!

Issue has been identified based on your detailed report and fix has been created.
Fix should be included in our next release(this week). I will notify you when it is out.

Regarding secretKey, we are not returning secret key in list endpoint as a security measure. It is visible only once, on create.

Best,
Zeljko

3

Hello @zeljko ,

Thank you. I will keep an eye on this post.

Best regards,
Pedro Reyes

4

Hi @Pedro_Reyes

Fix has been deployed.
Feel free to try it out and reach to us if anything else.

Best,
Zeljko

5

Hello @zeljko ,

Updated to the newer version. Everything right :v:

Best regards,
Pedro Reyes.