Logging in user using AWS Cognito

Question

I am trying to create a log in using AWS Cognito

I have setup the federated identities, and added a user pool, and added a email address to the user pool.

I have created some PHP code to getID and to OpenIDToken.

Which is a good start, but this only works in an unauthenticated setup I want to be able to log a user in using the username and password that was given to them .

I can't seem to find any information that I am able to understand to get this to work.

How do I go about logging a user in from a user Pool using PHP and AWS API v3?

Here is the code I have now:

include "vendor/autoload.php";
use Aws\CognitoIdentity\CognitoIdentityClient;



$identityClient = CognitoIdentityClient::factory(array(
'region' => 'us-east-1',
'version'=>'latest',
'credentials' => array(
    'key' => $awsuser,
    'secret'  => $awssecret,
)
));




$idResp = $identityClient->getId(array(
'AccountId' => 'XXXXXXXXXXX',
'IdentityPoolId' => 'us-east-1:0689a59d-d385-4f80-88ce-XXXXXXXXXXXX',
));

$identityId = $idResp["IdentityId"];

echo $identityId;



$tokenResp = $identityClient->getOpenIdToken(array(
'IdentityId' => $identityId
));

$token = $tokenResp["Token"];

echo $token;

Answer 1

Sorry for the confusion. When you sign in with Cognito User Pools, you'll get a few tokens. One of which is the id token, you'll need to pass that in to the Cognito federated identities client logins map with 'cognito-idp..amazonaws.com/' as the key. More information is available in the developer guide. You might also find this blog post useful, it has examples of how to set logins using the PHP SDK.