AWS Certified Developer Associate DVA-C01 – Question300

A new mobile app uses Amazon Cognito web identity federation. Immediately after a user logs in, the following error occurs:
AccessDenied — Not authorized to perform sts:AssumeRoleWithWebIdentity
A developer determines that the Amazon Cognito configuration appears to be correct.
Which of the following could be the cause of the error?

A.
The app's developer incorrectly defined the authenticated principal role access policy.
B. The app could not confirm the user in the user pool.
C. The app could not properly authenticate the user with the identity provider.
D. The app's developer incorrectly defined the authenticated principal role trust policy.

Correct Answer: C