Reputation: 307
REST API oauth2 type authentication using AWS Cognito
I have a rest api in nodejs. my mobile app will consume my rest api. Can i implement oauth2 type authentication using aws cognito for my mobile app? I need resource owner password grant if i implement oauth2.
Upvotes: 5
Views: 3781
Answers (1)
Reputation: 5661
Amazon Cognito's Federated Identity feature is not an authentication provider. It vends AWS credentials for well known providers like Facebook, Google, Cognito User Pools, etc. or for custom developer providers. These custom developer provider can use any authentication protocol as long as they talk to our services from the back end and use the OpenId tokens vended in back end from their mobile apps. You can read more about this here.
Cognito User Pools however is an authentication provider and vends OpenId tokens once the user is authenticated. These tokens can also be exchanged for AWS credentials using the federated identity flow.
Upvotes: 6
Related Questions
- 405 method not allowed error in AWS Cognito oauth2/token endpoint
- How to verify JWT from AWS Cognito in the API backend?
- Why is there an "Authorization Code" flow in OAuth2 when "Implicit" flow works so well?
- What is the REST (or CLI) API for logging in to Amazon Cognito user pools
- AWS API gateway for K8s using Cognito with JWT
- How to set up an OAuth2 Authentication Provider with AWS API Gateway?
- understanding Laravel API and API authentication (Passport)!
- AWS Cognito for Basic Authentication