Angelica Luna

Reputation: 41

Cognito authentication and Single Sign On

I have a web page where the user signs in using Amazon Cognito and AWS Amplify authentication. I have a link in that application that opens another application. I want a Single Sign On (I'm not sure if this is the best way to do this), however, I have read a little about it, that there is information about getting the ID Token and the Access Token to log in to the other application. How can I use that JWT token to access my application? The expected result

Upvotes: 4

Views: 2546

Answers (1)

Sébastien Stormacq

Reputation: 14905

After authentication, your application can query tokens from Cognito User Pool (see https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html)

Your app can, in turn, pass a token to the second app (the target of the SSO) as an HTTP header.

The second app will verify the token (i.e. verify the signature and the claim, see https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html) and grant access to authorised users.

In case no token is provided, or an invalid token, the second app will redirect to an authentication page.

Upvotes: 3
