Kaymaz

Reputation: 486

What to do with the token from AWS cognito

The idea is to perform login/authentication + authorization with AWS Cognito and Google Login as a federated entity.

Everything is done on the client side using the AWS JavaScript SDK.

I can log in using https://.auth.eu-central-1.amazoncognito.com/oauth2/authorize?identity_provider=Google&redirect_uri=https://&response_type=token&client_id=<Client_id>. It redirects me to my website and adds an access_token in the URL. I can get back AWS access and secret keys with the CognitoIdentityCredentials function.

Questions:

  1. What to do with this access_token?
  2. Which function do I need to call to get the current user?
  3. Do I need the access_key and secret_key?

Upvotes: 0

Views: 644

Answers (1)

Kaymaz

Reputation: 486

Ok, it appears I was confused...

When logged in with Cognito, there are two JWT tokens in the URL (this part is important):

  1. access_token
  2. id_token

The id_token must be sent in the Authorization header when calling API Gateway to authorize the requests. The header is automatically set if you use the AWS Amplify SDK.

I will add more info when I manage to achieve the full flow from login/register to API Gateway requests.

Side note: I think I got confused when I read all the pieces of code online (GitHub, Medium, etc.) where they all use Cognito Identity Pool after the login part.

Upvotes: 1
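
An added example, not part of the original question or answer: one way to read the two tokens from the redirect URL fragment described in the answer, tell them apart by Cognito's `token_use` claim, and build the Authorization header. The function names, the `app.example` URL and the sample tokens are constructed for illustration; it assumes the API Gateway authorizer reads the raw ID token from the header and does the signature verification, which this client-side decode does not.

```javascript
// Decode a JWT payload (base64url JSON). Inspection only: no signature check here.
function decodeJwtPayload(jwt) {
  const parts = jwt.split(".");
  if (parts.length !== 3) throw new Error("not a three-part JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  const bytes = Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

// Read both tokens from the redirect URL fragment and pick the one to send.
function tokensFromRedirect(redirectUrl, nowSeconds = Math.floor(Date.now() / 1000)) {
  const params = new URLSearchParams(new URL(redirectUrl).hash.replace(/^#/, ""));
  const idToken = params.get("id_token");
  const accessToken = params.get("access_token");
  if (!idToken || !accessToken) throw new Error("redirect is missing id_token or access_token");

  const idClaims = decodeJwtPayload(idToken);
  const accessClaims = decodeJwtPayload(accessToken);
  // Cognito marks each token's purpose in token_use ("id" or "access").
  if (idClaims.token_use !== "id") throw new Error("id_token has wrong token_use");
  if (accessClaims.token_use !== "access") throw new Error("access_token has wrong token_use");
  // Reject a stale token before sending it anywhere.
  if (typeof idClaims.exp !== "number" || idClaims.exp <= nowSeconds) {
    throw new Error("id_token is expired");
  }
  // Assumption: the authorizer expects the raw ID token as the header value.
  return { idToken, accessToken, idClaims, headers: { Authorization: idToken } };
}

// Constructed, unsigned sample tokens (placeholder signature); not real Cognito output.
function fakeJwt(claims) {
  const enc = (o) =>
    btoa(JSON.stringify(o)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return [enc({ alg: "RS256" }), enc(claims), "sig"].join(".");
}

function sampleRedirect(exp) {
  const id = fakeJwt({ token_use: "id", email: "user@example.com", exp });
  const access = fakeJwt({ token_use: "access", exp });
  return "https://app.example/callback#id_token=" + id +
    "&access_token=" + access + "&token_type=Bearer";
}

const demo = tokensFromRedirect(sampleRedirect(2000), 1000);
console.log("current user claims:", demo.idClaims);
```

In a browser, calling `history.replaceState(null, "", location.pathname)` after reading the fragment keeps the tokens out of the address bar and history.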
