aws-cognito

AWS API Gateway - using Access Token with Cognito User Pool authorizer?

删除回忆录丶 submitted on 2019-12-03 14:41:14
I am configuring an app with various frontends (mobile and web apps) and a single API backend, powered by Lambda and accessed via AWS API Gateway. As I'm planning to use Cognito to authenticate and authorize users, I have set up a Cognito User Pool authorizer on my API Gateway and several API methods. With an architecture like this, it seems logical that my apps (e.g. an iOS or Vue.js app) are the Client applications from an OAuth perspective, and my API Gateway backend is a Resource Server. Based on this Auth0 forum post it seems clear that I should therefore use an ID token in my client app,

Multi-Tenant Authentication with AWS Cognito

老子叫甜甜 submitted on 2019-12-03 11:40:46
Question: My current project is in AWS, using Cognito and microservices with Lambda. We have designed the microservices using DDD and are in the process of implementing basic functionality. However, there is a business need for users of the API to be able to be categorised into the client company that they work for, and only be able to access data for that client company as well as any role-based authentication we will have. This isn't a full multi-tenant solution as every user will be working with the

Where to find Identity Pool Id in Cognito

拈花ヽ惹草 submitted on 2019-12-03 10:43:11
Where is Identity Pool in Cognito Console? As said in docs it has format: IdentityPoolId An identity pool ID in the format REGION:GUID. But I see only Pool Id and Pool ARN in the console, which have a different format.

I can manage to get the IdentityPoolId by aws cli:

    aws cognito-identity list-identity-pools --max-results 10

The command returns all of the Cognito identity pools registered for your account.

    {
      "IdentityPools": [
        {
          "IdentityPoolId": "XX-XXXX-X:XXXXXXXX-XXXX-1234-abcd-1234567890ab",
          "IdentityPoolName": "<some custom name>"
        }
      ]
    }

You can find Identity pool ID if you select Manage

Using AWS Cognito and AD FS as authentication for a web app

假装没事ソ submitted on 2019-12-03 09:58:24
Question: We are currently building a web app using a full serverless stack on AWS. So far we have been very successful using AWS Lambda, AWS DynamoDB and Cognito User Pools. This application is intended to be an enterprise application and one of my clients wants to be able to log all users in using their current Active Directory credentials. I have used AD FS in the past on other applications but it has always turned out to be a bit of a hack to get it working. Now, I want to send the customer

Multi-Tenant Authentication with AWS Cognito

混江龙づ霸主 submitted on 2019-12-03 02:08:25
My current project is in AWS, using Cognito and microservices with Lambda. We have designed the microservices using DDD and are in the process of implementing basic functionality. However, there is a business need for users of the API to be able to be categorised into the client company that they work for, and only be able to access data for that client company as well as any role-based authentication we will have. This isn't a full multi-tenant solution as every user will be working with the same website, but their account will have been associated with a particular client. Everything I have

Using AWS Cognito and AD FS as authentication for a web app

折月煮酒 submitted on 2019-12-03 00:28:57
We are currently building a web app using a full serverless stack on AWS. So far we have been very successful using AWS Lambda, AWS DynamoDB and Cognito User Pools. This application is intended to be an enterprise application and one of my clients wants to be able to log all users in using their current Active Directory credentials. I have used AD FS in the past on other applications but it has always turned out to be a bit of a hack to get it working. Now, I want to send the customer instructions on how to configure their AD FS relying party trust to authenticate against my application. I

AWS: Restrict Cognito Authorized User to specific Lambda Functions

纵然是瞬间 submitted on 2019-12-02 13:40:18
Question: I'm working with AWS and I've the following setup: UserPool, API Gateway, Lambda Functions. The API gateway is using a UserPool authorizer to protect the lambda functions. This is working so far. Now I want to restrict every lambda function to a specific group of users. Therefore I've created two user groups in the CognitoPool (user and admin) and I've assigned a specific role to each group with a policy. Afterwards I've created a user in the UserPool and added him to the user group. That

AWS: Restrict Cognito Authorized User to specific Lambda Functions

情到浓时终转凉″ submitted on 2019-12-02 02:54:34
I'm working with AWS and I've the following setup: UserPool, API Gateway, Lambda Functions. The API gateway is using a UserPool authorizer to protect the lambda functions. This is working so far. Now I want to restrict every lambda function to a specific group of users. Therefore I've created two user groups in the CognitoPool (user and admin) and I've assigned a specific role to each group with a policy. Afterwards I've created a user in the UserPool and added him to the user group. That user is still able to submit requests to each route/lambda function. How do I submit a request? Postman

How to link my mobile hub with my existing cognito user pool?

强颜欢笑 submitted on 2019-12-02 01:17:10
Question: I'm following these pages to use cognito on my mobile app https://docs.aws.amazon.com/aws-mobile/latest/developerguide/getting-started.html and https://aws.amazon.com/blogs/mobile/easy-sign-in-and-sign-up-ui-with-the-aws-mobile-sdk-for-android/ I have created the mobile hub and downloaded the json file but now it wants me to create a cognito user pool, but I already have one. How can I link the mobile hub with the existing user pool? Thanks. Answer 1: AWS Mobile Hub does not currently provide a

How to link my mobile hub with my existing cognito user pool?

孤人 submitted on 2019-12-01 21:17:29
I'm following these pages to use cognito on my mobile app https://docs.aws.amazon.com/aws-mobile/latest/developerguide/getting-started.html and https://aws.amazon.com/blogs/mobile/easy-sign-in-and-sign-up-ui-with-the-aws-mobile-sdk-for-android/ I have created the mobile hub and downloaded the json file but now it wants me to create a cognito user pool, but I already have one. How can I link the mobile hub with the existing user pool? Thanks. AWS Mobile Hub does not currently provide a means to import your existing Cognito User Pool into the project, however, you can use whatever Cognito User