amazon-cognito

问题 An app is communicating via the Open ID Connect protocol with AWS Cognito , which is connected to ADFS , communicating via SAML. Cognito is essentially "proxying" the ADFS server. ADFS holds a group mapping that the app requires, and I would like to import these groups into Cognito as actual Cognito Group - which will then be read by the app from the cognito:groups from the ID-token Cognito provides. In the AWS Cognito User Pool setup, I don't see a way to map ADFS groups to Cognito Groups -

问题 I am planning to write a mobile app with AWS handling the backend work. Like many common apps, mine will support user registration and login. All backend resources should be secure based on the user's role. After reading AWS Cognito, it handles both Open authentication provider and Developer Authentication provider. This helps to support third party login. The capacity of syncing data is a big plus. However, I have some questions about Cognito when I try further implementation. What are the

问题 I get the following error: TypeError: __WEBPACK_IMPORTED_MODULE_0_aws_sdk_global__.util.crypto.lib. randomBytes is not a function when I try to authenticate the user using the following code I wrote: import { CognitoUserPool, CognitoUserAttribute, CognitoUser, AuthenticationDetails } from 'amazon-cognito-identity-js'; let authenticationDetails = new AuthenticationDetails({ Username: username, Password: password }); let userPool = new CognitoUserPool({ UserPoolId: 'us-east-1_1TXXXXXXbXX',

问题 I am trying out the log in function for the Cognito User Pool for my Web App. I was able to obtain the Token but I am not sure where to find the secret to decode it. I've read in one of the post that the secret is the secret Id for the App in the User Pool. However, for Javascript SDK, the secret id is blank. Does this mean my secret should also be blank? I tried this but I got a message that says "Error: PEM_read_bio_PUBKEY failed". 回答1: To correct the other answer: RS256 is an asymmetric

问题 I want to call an AWS API Gateway Endpoint that is protected with AWS_IAM using the generated JavaScript API SDK . I have a Cognito UserPool and a Cognito Identity Pool . Both properly synced via ClientId . I use this code to Sign in and get the Cognito Identity AWS.config.region = 'us-east-1'; // Region AWS.config.credentials = new AWS.CognitoIdentityCredentials({ IdentityPoolId: 'us-east-1:XXXXXXXXXXXXXXXXXXXXXXXX' // your identity pool id here }); AWSCognito.config.region = 'us-east-1';

问题 Where is Identity Pool in Cognito Console. As said in docs it has format: IdentityPoolId An identity pool ID in the format REGION:GUID. But I see only Pool Id and Pool ARN in the console. Which has different format. 回答1: I can manage to get the IdentityPooId by aws cli: aws cognito-identity list-identity-pools --max-results 10 The command returns all of the Cognito identity pools registered for your account. { "IdentityPools": [ { "IdentityPoolId": "XX-XXXX-X:XXXXXXXX-XXXX-1234-abcd

问题 I am trying to authenticate a java app to AWS services using a developer-authenticated Cognito identity. This is very straightforward in the AWS mobile SDKs (documentation), but I can't seem to find the equivalent classes in the Java SDK. The main issue I am having is that the Java SDK classes (such as WebIdentityFederationSessionCredentialsProvider) require the client code to know the arn of the role being assumed. With the mobile SDK, it uses the role configured for the federated identity.

问题 I am trying to run congnito via cloudformation and everything works but there is section in cognito as follows: As you see there is section "Enable identity providers" and I can not find where I can set it to my cognito user pool in cloudformation! I tried this attributes but it says not supported. SupportedIdentityProviders Here is my code for user pool client: UserPoolClient: Type: "AWS::Cognito::UserPoolClient" Properties: ClientName: !Sub ${project}-client ExplicitAuthFlows: - ADMIN_NO

问题 The goal is to implement a social provider auth flow as described in User Pools App Integration and Federation. One important thing that I want to satisfy, is to merge user pool accounts that have the same email address. I am accomplishing that by calling adminLinkProviderForUser within the PreSignUp_ExternalProvider cognito lambda trigger. So with this, everything works. The new social provided user is being registered and linked with the already existing Cognito (user+pass) user. However,

问题 So far Cognito has identity pools that support external providers like Facebook. Now there is Cognito User Pools - which I would love to use. But I can't figure out how to support both - Cognito User Pools and external providers like Facebook. It seems Identity Pools and User Pools are separated things and I can't see how to put them together. So in short, I want my users to be able to either sign in with Facebook or User Pools. Anybody has any idea if it is even possible? 回答1: You can add