
How to use AWS Cognito to share a session across apps for a seamless user experience on a device?

Once a user is logged in to any app, he should not be asked for credentials for any other app. Sharing a single access token stored in local storage seems a default but somehow bad idea. In the case of Google apps on Android/web, it surely does not use this solution; how do they do session sharing across apps implicitly?

I am using AWS Cognito; it provides a User Pool in which I can have multiple apps registered to use the pool. Is there a way to get an access token for a user request (without credentials like a password) coming from a different app, since the user is already logged in to the pool via a previous app's login request?

Alok Sharma asked Jan 17 '18 07:01


1 Answer

We're also trying to create an SSO experience for our customers across all our apps so that they only have to log in once and get access to all apps.

AWS has a repo for that and it also might be interesting for you: https://github.com/awslabs/aws-amplify-identity-broker

Currently, we're making a POC to see if it works out, but basically you need to proxify the Cognito APIs with your custom OIDC-compliant endpoints.

lucbas answered Nov 01 '22 02:11