Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Does AWS Cognito remove the need for a 'users' table in my database?

Tags:

amazon-web-services

amazon-cognito

With AWS Cognito doing its thing with authentication does this mean I no longer need a traditional 'users' table in my database?

Currently the app I have inherited has the traditional 'users' table I reference with sql queries looking for many-to-many and many-to-one joins with organisation, message boards, etc tables.

Do I query the Cognito user groups (that feels wrong) or is there some 'sync' method to have an updated 'users' table in my database.

Reading to docs and watching a few tutorials is great but no one seams to do more than authenticate. Where is the authorisation, and getting user names, email with join queries.

Be gentle, trying to work and study with a new baby in the room

like image 375
user3067684 Avatar asked Jan 30 '19 11:01

user3067684

People also ask

Where does AWS Cognito store user data?

Amazon Cognito organizes user profile data into datasets. Each dataset can contain up to 1MB of data in the form of key-value pairs. A dataset is the most granular entity that you can synchronize. Read and write operations performed on a dataset only affect the local store until the synchronize method is invoked.

Does Cognito store user data?

You can programmatically create a data set associated with Cognito Identity and start saving data in the form of key/value pairs. The data is stored both locally on the device and in the Cognito sync store. Cognito can also sync this data across all of the end user's devices.

What is the main difference between Cognito user pool and Cognito identity pool?

With a user pool, your app users can sign in through the user pool or federate through a third-party identity provider (IdP). Identity pools are for authorization (access control). You can use identity pools to create unique identities for users and give them access to other AWS services.

What are the two main components of Amazon Cognito?

The two main components of Amazon Cognito are user pools and identity pools. User pools are user directories that provide sign-up and sign-in options for your app users. Identity pools enable you to grant your users access to other AWS services. You can use identity pools and user pools separately or together.

2 Answers

My experience has been it does not obsolete the need for a users table, for a couple of reasons.

  1. I would routinely run into AWS throttling errors when invoking the Cognito getUser/listUser methods while using Cognito as the primary user data store. AWS support would increase the API limits on our account but I was always worried they would reappear.
  2. You are essentially limited to querying users by username/email/phone. The listUser method is very limited for searching
  3. If you want to store other user data then you have to put them in custom Cognito attributes and managing those got tiresome quickly

The design I ended up on was to set a post-confirmation trigger on the Cognito user pool and have it copy all the user data into a relational database or DynamoDB when a user signed up. The primary key of the users table would be the Cognito username so if necessary I could lookup the user in both the database and Cognito. Basically I just use Cognito for authentication and not as a primary user database

like image 160
Brian Winant Avatar answered Oct 11 '22 08:10

Brian Winant

You can certainly use Cognito User Pools service to manage authentication instead of your 'user' table, but not necessarily. You can also integrate other identity providers and login with Twitter, Amazon, etc, or even your own database. A benefit of using Cognito User Pools is that you don't have to code the authentication flows, as they are implemented by the service correctly and securely.

Best of luck with the code and the baby!

like image 42
Julio Faerman Avatar answered Oct 11 '22 09:10

Julio Faerman
Sign in to Comment

Related questions

Terraform: How to migrate state between projects?
Installing Ruby 2.0 and Rails 4.0.0beta on AWS EC2
aws service difference between cognito user pool and federated identity
No such file or directory - getcwd
how to install pip with yum on EC2
Amazon S3 copyObject permission
How to describe AWS Lambda function test events in CloudFormation template?
AWS Auto Scaling Group - Application Load Balancer Request Count Per Target
DynamoDB most efficient date type
Why does file uploaded to S3 have content type application/octet-stream unless I name the file .html?
Need help deciding between EBS vs S3 on Amazon Web Services
Listing instance name among other data with aws-cli 1.3.6
Any way to run AWS Aurora locally?
How to prevent downtime during AWS Elastic Beanstalk deployment of a new version of the app?
Setting up Django on AWS Elastic Beanstalk: WSGIPath not found
How can I create a one time download link with Amazon S3?
What "desired instances" is needed for? AWS Amazon Webservices AutoScaling group
How to understand Amazon ECS cluster
AWS Can not deserialize instance of java.lang.String out of START_OBJECT
Can I remove the public IP on my instance without terminating it?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!