Reputation: 71
I have been trying to generate this "identity id" for my user pool users to access AWS resources, but have been unsuccessful.

    func application(application: UIApplication, didFinishLaunchingWithOptions launchOptions: [NSObject: AnyObject]?) -> Bool {
        // Override point for customization after application launch.

        // User pool configuration
        let serviceConfiguration = AWSServiceConfiguration(
            region: AWSRegionType.USWest2,
            credentialsProvider: nil)
        let userPoolConfiguration = AWSCognitoIdentityUserPoolConfiguration(
            clientId: K.COGNITO_USER_POOL_APP_CLIENT_ID,
            clientSecret: K.COGNITO_USER_POOL_APP_CLIENT_SECRET,
            poolId: K.COGNITO_USER_POOL_ID)

        // Create a pool
        AWSCognitoIdentityUserPool.registerCognitoIdentityUserPoolWithConfiguration(serviceConfiguration, userPoolConfiguration: userPoolConfiguration, forKey: "UserPool")
        self.pool = AWSCognitoIdentityUserPool(forKey: "UserPool")

        // Identity pool credentials provider, with the user pool as its identity provider manager
        self.credentialsProvider = AWSCognitoCredentialsProvider(regionType: .USWest2, identityPoolId: K.IDENTITY_POOL_ID, identityProviderManager: self.pool!)
        let configuration = AWSServiceConfiguration(region: AWSRegionType.USWest2, credentialsProvider: self.credentialsProvider)
        AWSServiceManager.defaultServiceManager().defaultServiceConfiguration = configuration

        self.pool!.delegate = self
        self.user = self.pool!.currentUser()
        return true
    }

That's all that is given in the "Integrating User pool with Cognito" (Swift) documentation.
While the Android code talks about passing the "idToken" and the user pool URL in the logins map, there is no such thing mentioned in the Swift code.
So far, I get the "AccessToken" and "IdToken" in the logs window in Xcode after the user signs in to the app.
What do I need to do further to get authenticated identities? Correct me if I'm doing it wrong. Thanks.
Upvotes: 2
Views: 1086
Reputation: 3342
This might be far off, but I've been working on an app of my own for almost a year now, so my memory is limited - I don't remember how I set the MobileHub up and if maybe I messed something up along the way.
I was able to log in users, but they were unauthenticated. I could not for the life of me authenticate users. I moved on and just addressed the problem tonight. I realized, somewhere along the way, that the values in my awsconfiguration.json for CognitoUserPoolId, AppClientId, and AppClientSecret were wrong. I remember about a year ago I had to change the CognitoIdentityPoolId, but I'm not sure why. I also know that I downloaded this file from the AWS Mobile Hub sample project for my application.
Anyways, it's worth checking these values to make sure they all match up with the expected values. This is important considering that I was able to use my application unauthenticated yet normally with 3 of these crucial values wrong.
Upvotes: 1
Reputation: 2728
You are correct: the documentation does not really help much with identity pools and user pools and getting them integrated.
My recommendation would be to, rather than depending on other documentation or examples, use the AWS Mobile Hub. If you use that site, it will DOWNLOAD a full Swift Xcode project that properly does the integration of user pools and another identity provider (Google or Facebook). The user pools integration is a new feature of the mobile hub.
Also, the mobile hub has a nice architecture for the downloaded app, separating Identity Management from Sign in Management.
But if you want to continue to slog through this using the documentation, the following set of notes should help, plus the following salient points.
1) If you use the SDK you do not have to manage tokens; the SDK gets, keeps and exchanges tokens for you.
2) All you have to do is configure your user pool correctly, configure your IAM correctly, and call a short sequence of SDK calls (outlined below). One of the great things that the mobile hub does is get all that right for you once, letting you modify and evolve it as you learn.
3) The short sequence of calls is:
- make a user pool
- make an identity pool
- make the user pool the identityProviderManager for your service configuration (note: you have done all that above, so all you need is to do the following steps)
- perform the Get Identity API call (this is done when you do the "Get Session" SDK call)
- perform the GetCredentialsForIdentity API call (this is done when you do the "credentials" SDK call)
At that point you will have credentials and the ability to access AWS services based upon your logged in (authenticated) state, and any associated rules in IAM.
There is a (I think) helpful explanation in these notes: notes on using cognito and user pools
Further in that repository there is an example of user pools with identity pools working together, including registration, forgot password, etc., and including the ability to do identity merging.
(The new user pool code in Mobile Hub does some of that nicely now (as of 4 days ago, when they added user pool code), but does not yet do the identity merging.)
Hope this helps
Upvotes: 1
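
An added example, not from either answer or from the AWS SDK: a small diagnostic that decodes the "IdToken" printed in the Xcode log and checks it against the configured pool ID and app client ID, the mismatch the first answer describes, then builds the logins map entry the question mentions. It relies on the standard claim layout of Cognito user pool ID tokens (`iss`, `aud`, `token_use`); the function names and all sample values are constructed for illustration.

```python
import base64
import json


def b64url(data: bytes) -> str:
    """Base64url without padding, as used in JWT segments."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def decode_claims(jwt: str) -> dict:
    """Decode the JWT payload WITHOUT verifying the signature (diagnostics only)."""
    payload = jwt.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))


def check_id_token(jwt: str, region: str, pool_id: str, client_id: str):
    """Return (logins_map, problems) for a token and the app's configured values."""
    claims = decode_claims(jwt)
    provider = f"cognito-idp.{region}.amazonaws.com/{pool_id}"
    problems = []
    if claims.get("token_use") != "id":
        problems.append("not an ID token (token_use=%r)" % claims.get("token_use"))
    if claims.get("iss") != "https://" + provider:
        problems.append("iss %r does not match configured pool" % claims.get("iss"))
    if claims.get("aud") != client_id:
        problems.append("aud %r does not match configured app client" % claims.get("aud"))
    # The identity pool is keyed by provider name; the value is the ID token itself.
    return ({provider: jwt} if not problems else {}), problems


def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token for the demo (not a real Cognito token)."""
    header = b64url(json.dumps({"alg": "none"}).encode())
    return f"{header}.{b64url(json.dumps(claims).encode())}.sig"


# Constructed sample values, not real identifiers.
REGION, POOL_ID, CLIENT_ID = "us-west-2", "us-west-2_EXAMPLE", "exampleclientid"
SAMPLE = make_sample_token({
    "iss": f"https://cognito-idp.{REGION}.amazonaws.com/{POOL_ID}",
    "aud": CLIENT_ID, "token_use": "id", "sub": "constructed-user"})

if __name__ == "__main__":
    print(check_id_token(SAMPLE, REGION, POOL_ID, CLIENT_ID))
    print(check_id_token(SAMPLE, REGION, "us-west-2_WRONG", CLIENT_ID)[1])
```

Passing the "AccessToken" instead of the "IdToken" is reported as a problem too, since an access token has `token_use` set to `access` and carries no `aud` claim.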