amazon-cognito

I want to call an AWS API Gateway Endpoint that is protected with AWS_IAM using the generated JavaScript API SDK . I have a Cognito UserPool and a Cognito Identity Pool . Both properly synced via ClientId . I use this code to Sign in and get the Cognito Identity AWS.config.region = 'us-east-1'; // Region AWS.config.credentials = new AWS.CognitoIdentityCredentials({ IdentityPoolId: 'us-east-1:XXXXXXXXXXXXXXXXXXXXXXXX' // your identity pool id here }); AWSCognito.config.region = 'us-east-1'; AWSCognito.config.credentials = new AWS.CognitoIdentityCredentials({ IdentityPoolId: 'us-east-1

Where is Identity Pool in Cognito Console. As said in docs it has format: IdentityPoolId An identity pool ID in the format REGION:GUID. But I see only Pool Id and Pool ARN in the console. Which has different format. I can manage to get the IdentityPooId by aws cli: aws cognito-identity list-identity-pools --max-results 10 The command returns all of the Cognito identity pools registered for your account. { "IdentityPools": [ { "IdentityPoolId": "XX-XXXX-X:XXXXXXXX-XXXX-1234-abcd-1234567890ab", "IdentityPoolName": "<some custom name>" } ] } You can find Identity pool ID if you select Manage

I am trying to authenticate a java app to AWS services using a developer-authenticated Cognito identity. This is very straightforward in the AWS mobile SDKs ( documentation ), but I can't seem to find the equivalent classes in the Java SDK. The main issue I am having is that the Java SDK classes (such as WebIdentityFederationSessionCredentialsProvider) require the client code to know the arn of the role being assumed. With the mobile SDK, it uses the role configured for the federated identity. That's what I'd prefer to do, but it seems the Java SDK doesn't have the supporting classes for that.

I am trying to run congnito via cloudformation and everything works but there is section in cognito as follows: As you see there is section "Enable identity providers" and I can not find where I can set it to my cognito user pool in cloudformation! I tried this attributes but it says not supported. SupportedIdentityProviders Here is my code for user pool client: UserPoolClient: Type: "AWS::Cognito::UserPoolClient" Properties: ClientName: !Sub ${project}-client ExplicitAuthFlows: - ADMIN_NO_SRP_AUTH - USER_PASSWORD_AUTH GenerateSecret: false UserPoolId: !Ref UserPool RefreshTokenValidity: 30

So I'm a bit confused by the Amazon documentation on Cognito concerning one of their stated use cases: "use your own identity system... allowing your apps to save data to the AWS cloud". In my case I want to give them aws tokens to upload directly to s3 from the mobile client without putting my aws keys on the client device. In order to implement this on the server side - how do I generate the proper credentials so that the client can use this identity on the client app to upload to s3? Do I first call getId() (what values do I pass if I'm using my own login - since I'm not providing a