I'm developing web app based on Amazon API Gateway. Now I created Facebook login and successfully logged into website. but when I call another API, everything gone. I think I should pass Cognito token when call API everytime. am I right?
if yes, how to pass Cognito token to API? like header? or another way?
Thanks,
Authenticating with tokensWhen a user signs into your app, Amazon Cognito verifies the login information. If the login is successful, Amazon Cognito creates a session and returns an ID, access, and refresh token for the authenticated user.
To provide AWS credentials to your app, follow the steps below. Choose Manage identity pools from the Amazon Cognito console , create an identity pool, and copy the starter code snippets. If you haven't already done so, add the AWS Mobile SDK for iOS to your project. For instructions, see Set Up the Mobile SDK for iOS.
You are using the "Basic Authflow" from cognito identity, which means you will need to get credentials for your users by calling STS's "AssumeRoleWithWebIdentity". Here is some documentation to help: http://docs.aws.amazon.com/cognito/devguide/identity/concepts/authentication-flow/
Once you have credentials, you can instantiate the API Gateway Client:
var client = apigClientFactory.newClient({
accessKey: ACCESS_KEY,
secretKey: SECRET_KEY,
sessionToken: SESSION_TOKEN });
The keys and tokens come from the result of the "AssumeRoleWithWebIdentity" call.
If you have configured your IAM roles, and Authorizations correctly you should be able to access your API.
Here is the documentation describing how to configure the roles & authorization: http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-method-settings.html#how-to-method-settings-callers-console
Also, here is how to enable CORS - http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-cors.html
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With