 

What's the difference between /authorize and /login endpoints in AWS Cognito User Pools

From AWS docs,

AUTHORIZATION Endpoint: The /oauth2/authorize endpoint signs the user in.

GET /oauth2/authorize: The /oauth2/authorize endpoint only supports HTTPS GET. The user pool client typically makes this request through the system browser, which would typically be Custom Chrome Tabs in Android and Safari View Controller in iOS.

LOGIN Endpoint: The /login endpoint signs the user in. It loads the login page and presents the authentication options configured for the client to the user.

GET /login: The /login endpoint only supports HTTPS GET. The user pool client makes this request through the system browser, which would typically be Custom Chrome Tabs in Android and Safari View Controller in iOS.

Both endpoints redirect after success. Which one should be used when?

asked Jun 01 '18 13:06 by Technoshaft




1 Answer

The difference I noticed is that if you have only one identity provider enabled, the /authorize route will skip the hosted UI. The identity provider must be a Federation one for this to work. If the identity provider is Cognito, you'll still be redirected to the hosted UI to type your password.

answered Oct 26 '22 14:10 by Hugodby
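
An added example in Python (not from the question, the answer, or the AWS docs): it builds the same authorization-code request for either endpoint with `state` and PKCE, and checks the redirect before accepting the code. The domain, client ID and redirect URI are constructed placeholders, and passing `identity_provider` only to /oauth2/authorize is an assumption of this sketch based on that endpoint's documented query parameters.

```python
import base64, hashlib, hmac, secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Constructed placeholders (assumptions, not values from the page).
DOMAIN = "https://example-pool.auth.us-east-1.amazoncognito.com"
CLIENT_ID = "EXAMPLE_CLIENT_ID"
REDIRECT_URI = "https://app.example.com/callback"

def new_pkce_pair():
    """Return (code_verifier, code_challenge) for the S256 method (RFC 7636)."""
    verifier = secrets.token_urlsafe(48)
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    return verifier, challenge

def build_sign_in_url(endpoint, state, challenge, identity_provider=None):
    """Build the HTTPS GET URL for /login or /oauth2/authorize."""
    if endpoint not in ("/login", "/oauth2/authorize"):
        raise ValueError("unexpected endpoint")
    params = {
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": "openid",
        "state": state,                    # ties the callback to this browser session
        "code_challenge_method": "S256",
        "code_challenge": challenge,       # verifier stays with the client
    }
    if identity_provider:
        if endpoint != "/oauth2/authorize":
            raise ValueError("identity_provider is only sent to /oauth2/authorize here")
        params["identity_provider"] = identity_provider
    return f"{DOMAIN}{endpoint}?{urlencode(params)}"

def code_from_callback(callback_url, expected_state):
    """Return the authorization code only if the redirect matches our request."""
    parts = urlsplit(callback_url)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != REDIRECT_URI:
        raise ValueError("callback did not arrive at the registered redirect URI")
    query = parse_qs(parts.query)
    if "error" in query:
        raise ValueError("authorization server returned an error")
    state = query.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    code = query.get("code", [""])[0]
    if not code:
        raise ValueError("no authorization code in callback")
    return code
```

Whichever endpoint starts the flow, the redirect carries the same `code` and `state`, so the callback check is identical for both.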