AWS Cognito: Developer Authenticated Identities

Question

These are the calls I'm making to get the access token from AWS Cognito. I am implementing the Developer Authenticated Identities workflow where I authenticate the user on my backend. My code:

cognitoIndentityClient = Aws::CognitoIdentity::Client.new(
        region: 'us-east-1',
        credentials: permanent_aws_creds,
    )
developerProviderName = '1.Got From Developer Provider Name under Custom in Cognito Console'
identityPoolId = 'us-east-1:Xxxxx'

resp = cognitoIndentityClient.get_open_id_token_for_developer_identity(
        identity_pool_id: identityPoolId,
        logins: {
            developerProviderName =>  UniqueIdentityTokenProviderFromMYBackend
        }
    )

resp2 = cognitoIndentityClient.get_credentials_for_identity(
        {
            identity_id: resp['identity_id'],
            logins: {
                'cognito-identity.amazonaws.com' => resp['token']
            }
        }
    )

My Question: 1. How can I create a user in the user pool (enable MFA and all that) after the above calls? I can see that Identities are created in my console but I'm lost after that.

Answer 1

Can you check that in identity pool configuration in custom tab of Authentication providers section you have the developer provider name set and it matches with the value in your code above? This might be one possible reason for the error.

To answer your other question. You do not need to implement developer authenticated identities to use the 'User Pools' feature of Cognito. These are two independent features. Cognito developer authenticated identities allows you to federate your own authentication system with Cognito identity. If you want Cognito to manage your users and allow username and password based sign-up, sign-ins and MFA for you, 'User Pools' feature will be correct choice. The user managed by User pools can also federate with Cognito identity.