amazon-cognito

问题 I'm sending a custom email using cognito for forgot password.Where do i need to set the code without trigger lambda? 回答1: Your only option is Lambda function and attaching it to General Settings -> Triggers -> Custom Message in your User Pool. Example Lambda Function: exports.handler = (event, context, callback) => { // https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-custom-message.html // dev if(event.userPoolId === "YOUR USER POOL ID") { // Identify why was this

问题 I'm currently using Cognito User Pools, federated with Google as an identity provider, to handle user sign in for my web app. At the moment, I have only implemented Sign-In with Google. This is currently being done through Cognito's Hosted UI. When users sign in with Google, I'd like them to always be prompted to select their account, i.e. be presented with this prompt. However, I have found that when I'm logged in with only one Google account, then this screen is skipped. Although, when I'm

问题 I recently started working with AWS. I have integrated AWS Amplify using cognito user pools for my user management(login&signup) and it went perfect(User pool gets updated whenever a new user registers). Now i have added an Cognito Post confirmation trigger to save the registered email into database and here is my trigger codevar mysql = require('mysql'); var config = require('./config.json'); var pool = mysql.createPool({ host : config.dbhost, user : config.dbuser, password : config

问题 I am developing backend API's for a native app. This backend service(developed using java/springboot) is deployed on AWS. For Securing the backend API's I am planning to use Oauth2 (Authorization Code grant Flow with PKCE). I am trying to achieve this through Amazon API Gateway and Cognito User Pool. This is what I have done so far. I have created Cognito user pool Add an app client(app client id/secret) Configured Domain and Resource Server Configured App Client Settings with Authorization

问题 I am developing backend API's for a native app. This backend service(developed using java/springboot) is deployed on AWS. For Securing the backend API's I am planning to use Oauth2 (Authorization Code grant Flow with PKCE). I am trying to achieve this through Amazon API Gateway and Cognito User Pool. This is what I have done so far. I have created Cognito user pool Add an app client(app client id/secret) Configured Domain and Resource Server Configured App Client Settings with Authorization

问题 I've set up the user pool in Cognito and got the JWT token after authenticating the created user via cognito js sdk. And when I try to invoke the assumeRoleWithWebIdentity api it returns an error, below is the sample api call. https://sts.amazonaws.com/ ?Action=AssumeRoleWithWebIdentity &DurationSeconds=3600 &RoleSessionName=app1 &RoleArn=arn:aws:iam::id:role/_cross_account_role &WebIdentityToken=jwtAccessToken &Version=2011-06-15 The api response, <ErrorResponse xmlns="https://sts.amazonaws

问题 I have a web client making requests to AWS Lambda via the AWS API Gateway. I'm using AWS Cognito, alongside Auth0, to authenticate users. My question is related to the CORS response headers from the AWS API Gateway endpoint, specifically the Access-Control-Allow-Origin response header that is set to any "' * '". This article indicates the risks of using the any "' * '" parameter, namely that a 'hacker can coopt our site to request any method' on our back-end: (CORS Security link). While

问题 I am running a working AWS Cognito service on a frontend application which can successfully do the basic stuff - login, logout, signup, etc.. Right now I am trying to get user attributes through the backend API, such that: 1) The user login in the application and gets a JWT. 2) The JWT is being sent to the backend server. 3) The server has to extract the email of the user by using the access token The closest thing that I found to what I need is this Cognito service. So I am making a GET

问题 I have a question about the integration of Cognito and API Gateway and I hope that you can help me with that. I am thinking of making an application in which I would like the authentication process with third parties (Facebook, Twitter ...), so I discard Cognito User Pool, then I have Cognito Identity Pool, but this is where my doubts grow. How can I integrate it with API Gateway? Should I use API Gateway Custom Authorizer to manage the token generated by Cognito? If I do not use the Custom

问题 I am going to use AWS Cognito User Pool product as user directory for application and have several questions: Is Amazon throttle request to Cognito User Pool and if yes what is the rate limit of calls to get throttled? How Cognito defends against bruteforce attack on login/password? 回答1: After couple of hours search I found this two exceptions in source code: TooManyFailedAttemptsException This exception gets thrown when the user has made too many failed attempts for a given action (e.g.,