Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

User Pool and Federated Identity

Tags:

amazon-web-services

amazon-cognito

amazon-javascript-sdk

I am trying to use the AWS Javascript sdk to provide login capabilities to a web app.

I have a Cognito User Pool set up and have accounts registering, verifying and logging in correctly.

Identities are being created in the identity pool, but I would now like to add functionality that allows me to authorize with my Google account (or facebook, twitter, whatever) and link that authorization to the same identity in the identity pool.

I can't find any method in the documentation that would allow me to do this.

I anticipate that this will allow my user to then login using Google or username/password, but I can't find any guidance on how to link those authorizations.

In addition, is there a way that the User Pool account can be created following a federated identity login, if that is the users initial point of contact (eg: clicking "Login with Facebook" when they have never been there before).

Any guidance would be greatly appreciated.

Best regards,

Hal

like image 312
Hal Avatar asked Jun 15 '16 23:06

Hal

People also ask

What is a user pool?

User pools are for authentication (identity verification). With a user pool, your app users can sign in through the user pool or federate through a third-party identity provider (IdP). Identity pools are for authorization (access control).

How do you link a user pool with identity pool?

Enter the User Pool ID. Enter the App Client ID. This must be the same client app ID that you received when you created the app in the User pools section of the console. If you have additional apps or user pools, choose Add Another Provider and enter the User Pool ID and App Client ID for each app in each user pool.

What is federated identity in Cognito?

Amazon Cognito Federated Identities is a web service that delivers scoped temporary credentials to mobile devices and other untrusted environments. It uniquely identifies a device and supplies the user with a consistent identity over the lifetime of an application.

What is meant by identity federation?

Identity federation is a system of trust between two parties for the purpose of authenticating users and conveying information needed to authorize their access to resources.

1 Answers

You can find the documentation for google integration here: http://docs.aws.amazon.com/cognito/latest/developerguide/google.html#set-up-google-1.javascript

To summarize, in logins map you will need to pass both google token and the token from user pools. This will link both logins to a single identity. Now user can login with any one of them and user will have the same identity.

Yes it is possible to create user pool account later on.

like image 150
Vinay Kushwaha Avatar answered Nov 05 '22 08:11

Vinay Kushwaha
Sign in to Comment

Related questions

Getting error from beanstalk when trying to deploy flask app: "no module named flask"
AWS BatchGetItem vs GetItem in a loop
Issues with Amazon IoT Rules with DynamoDB and Lambda
How to use ajax GET or POST method to pass data to Amazon lambda node.js function
Linking Amazon Route 53 Domain Name to EC2 instance
High level instructions for migrating application from Heroku to AWS?
Scheduling long-running tasks using AWS services
Python Requests POST not working
Rails direct to S3 upload using aws-sdk gem and jQuery-File-Upload on heroku
How to ensure to update Docker image on AWS ECS?
Is it safe to use a link to an image in my AWS S3 bucket on my webpage?
AWS Cognito, Lambda, User credentials in DynamoDB
AWS SNS is bypassing API Gateway and calling Lamba functions directly
vagrant on windows error 'cannot load such file' nokogiri
aws cli s3 sync, exclude not working
Getting emr-ddb-hadoop.jar to connect DynamoDB with EMR Spark
AWS User Pool Setup (Swift)
Use Prometheus operator with DB volume for k8s
Could not parse request body into json: Unexpected character (\'-\' (code 45)) AWS Lambda + API + Postman
Unexpected token { ../node_modules/fs-extra/lib/mkdirs/make-dir.js:85 } catch {

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!