Getting full access to DynamoDB from my iOS app using AWS Cognito Developer Identities

I have implemented an AWS Lambda function and used the gateway to return the following data:

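var AWS = require("aws-sdk");
var cognitoidentity = new AWS.CognitoIdentity();

// userId and the callback fn come from the surrounding Lambda handler.
var param =
{
    IdentityPoolId: "actualIdentityPoolId",
    Logins: {} // filled in below so the provider name can be held in a variable
};
param.Logins["com.testing.userLogin"] = userId;

// Ask Cognito for an identity ID and OpenID token for this developer login.
cognitoidentity.getOpenIdTokenForDeveloperIdentity(param,
function(err, data)
{
    if (err) return fn(err); // an error occurred
    else fn(null, data.IdentityId, data.Token); // successful response
});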

So the identityId and token get sent back to the iOS device. On my device I try to connect to an AWS DynamoDB table but access is denied. How do I use the identityId and token to gain access to the tables?

I have set up roles in IAM for Unauth, which denies DynamoDB, and Auth, which gives access to the tables through its policies.

I am trying to implement authentication using: http://docs.aws.amazon.com/cognito/latest/developerguide/authentication-flow.html

I see there are two flows, Basic and Enhanced. The documentation says most users will use the enhanced flow and that it implements GetCredentialsForIdentity.

How is that implemented in my iOS code so that I can switch my role from unauth to auth and can access DynamoDB? How long will this access last? I would like to do this all in my iOS code instead of using Lambda or something else like that.

cdub asked Jan 07 '17 09:01


1 Answer

If your user is unauthenticated and then logs in, you need to clear your credentials, and your 'logins' method should now return a properly updated logins map.

Here is the documentation to help you: http://docs.aws.amazon.com/cognito/latest/developerguide/developer-authenticated-identities.html

Mark Mercurio answered Oct 05 '22 10:10
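
The answer's advice, as an added JavaScript example (the language of the Lambda snippet in the question); it is not code from the original post or from the AWS SDK. It builds the GetCredentialsForIdentity request for the enhanced flow, caches the result until the `Expiration` the service returns, and drops the cached unauthenticated credentials at sign-in. `CognitoSession`, `makeStubClient`, the injected `client` and all sample values are hypothetical and constructed so the block runs offline.

```javascript
// Added example, not from the original post. `client` is an assumption: any
// object whose getCredentialsForIdentity(params) returns a Promise shaped like
// the Cognito Identity API response ({ IdentityId, Credentials }).
const DEVELOPER_LOGIN_KEY = "cognito-identity.amazonaws.com";
const REFRESH_MARGIN_MS = 60 * 1000; // refresh a minute before expiry

class CognitoSession {
  constructor(client, guestIdentityId, now = () => Date.now()) {
    this.client = client;
    this.now = now;
    this.identityId = guestIdentityId;
    this.logins = {};   // empty logins map: the pool's unauthenticated role
    this.cached = null;
  }

  // identityId and token are the values the backend obtained from
  // GetOpenIdTokenForDeveloperIdentity and sent to the device.
  signIn(identityId, token) {
    this.identityId = identityId;
    this.logins = { [DEVELOPER_LOGIN_KEY]: token };
    this.cached = null; // discard the credentials issued for the unauth role
  }

  buildParams() {
    const params = { IdentityId: this.identityId };
    if (Object.keys(this.logins).length > 0) params.Logins = { ...this.logins };
    return params;
  }

  async credentials() {
    const c = this.cached;
    if (c && c.Expiration.getTime() - this.now() > REFRESH_MARGIN_MS) return c;
    const data = await this.client.getCredentialsForIdentity(this.buildParams());
    this.cached = data.Credentials;
    return this.cached;
  }
}

// Constructed stub standing in for the real service; records each request.
function makeStubClient(calls, now = () => Date.now()) {
  return {
    async getCredentialsForIdentity(params) {
      calls.push(params);
      const role = params.Logins ? "auth" : "unauth";
      return { IdentityId: params.IdentityId, Credentials: {
        AccessKeyId: "EXAMPLE-" + role, SecretKey: "x", SessionToken: "x",
        Expiration: new Date(now() + 3600 * 1000) } };
    },
  };
}
```

Without the `this.cached = null` line in `signIn`, the session would keep handing out the unauthenticated credentials until they expire, which is the access-denied symptom the question describes.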