Jim Hankins

Reputation: 1073

Seeking an example of using AWS C++ SDK to implement get-credentials-for-identity and its required get-id input for temporary AWS credentials

I am currently building a C++ client which is successfully authenticating to AWS Cognito User Pools. I wish to obtain temporary AWS credentials via exchanging the received ID token from Cognito.

Using the Advanced Flow with AWS CLI it seems to be two separate calls which I have working.

aws cognito-identity get-id
aws cognito-identity get-credentials-for-identity

The end goal is to receive AccessKeyId, SecretKey, SessionToken, IdentityId for subsequent AWS service calls.

Upvotes: 0

Views: 824

Answers (1)

Jim Hankins

Reputation: 1073

I have worked out the get-id side so the rest will fall easily now.

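#include <aws/core/Aws.h>
#include <aws/core/utils/logging/ConsoleLogSystem.h>
#include <aws/cognito-identity/CognitoIdentityClient.h>
#include <aws/cognito-identity/model/GetIdRequest.h>
#include <aws/cognito-identity/model/GetIdResult.h>
#include <iostream>
#include <memory>

// The statements below run inside a function. REGION, AWS_ACCOUNT_ID, IDENTITY_POOL_ID,
// s_IDToken, s_IdentityId and s_AmazonCognitoIdentityClient are defined elsewhere.
Aws::SDKOptions options;

// Send SDK errors to the console.
Aws::Utils::Logging::LogLevel logLevel{ Aws::Utils::Logging::LogLevel::Error };
options.loggingOptions.logger_create_fn = [logLevel] { return std::make_shared<Aws::Utils::Logging::ConsoleLogSystem>(logLevel); };

Aws::InitAPI(options);

Aws::Client::ClientConfiguration clientConfiguration;
clientConfiguration.region = REGION;    // region must be set for Cognito operations
s_AmazonCognitoIdentityClient = Aws::MakeShared<Aws::CognitoIdentity::CognitoIdentityClient>("CognitoIdentityClient", clientConfiguration);

Aws::CognitoIdentity::Model::GetIdRequest getIdRequest;
getIdRequest.SetAccountId(AWS_ACCOUNT_ID);
getIdRequest.SetIdentityPoolId(IDENTITY_POOL_ID);

// Logins maps the user pool provider name to the ID token issued by that pool.
// SetLogins takes the SDK's own map and string types, so convert explicitly.
Aws::Map<Aws::String, Aws::String> logins{
    {"cognito-idp.[REGION].amazonaws.com/[Your Pool ID]", Aws::String(s_IDToken.c_str())}
};

getIdRequest.SetLogins(logins);

Aws::CognitoIdentity::Model::GetIdOutcome getIdOutcome{s_AmazonCognitoIdentityClient->GetId(getIdRequest)};
if (getIdOutcome.IsSuccess())
{
    Aws::CognitoIdentity::Model::GetIdResult getIdResult{getIdOutcome.GetResult()};
    std::cout << "\tIdentity ID: " << getIdResult.GetIdentityId() << std::endl;

    s_IdentityId = getIdResult.GetIdentityId(); // Set for subsequent call to get credentials
}
else
{
    Aws::Client::AWSError<Aws::CognitoIdentity::CognitoIdentityErrors> error = getIdOutcome.GetError();

    std::cout << "Error logging in: " << error.GetMessage() << std::endl << std::endl;
}

// Release SDK objects before shutting the SDK down.
s_AmazonCognitoIdentityClient.reset();
Aws::ShutdownAPI(options);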

Upvotes: 0
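
An added example, not part of the original answer: a local pre-flight check that reads the `iss` and `token_use` claims of the Cognito ID token and derives the Logins key that the answer hard-codes as `cognito-idp.[REGION].amazonaws.com/[Your Pool ID]`. It uses only the C++ standard library; the function names are hypothetical, the JSON scan is a simplification, and the token signature is not verified locally.

```cpp
// Added example; function names are hypothetical, not AWS SDK APIs.
#include <string>

// Decode base64url (padding optional); false on an invalid character.
bool b64urlDecode(const std::string& in, std::string& out) {
    static const std::string kAlphabet =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
    unsigned buf = 0, bits = 0;
    out.clear();
    for (char c : in) {
        if (c == '=') break;
        const std::size_t v = kAlphabet.find(c);
        if (v == std::string::npos) return false;
        buf = (buf << 6) | static_cast<unsigned>(v);
        bits += 6;
        if (bits >= 8) { bits -= 8; out.push_back(static_cast<char>((buf >> bits) & 0xFF)); }
    }
    return true;
}

// First string value of claim `name`. Simplified scan that rejects escape
// sequences; production code should use a JSON parser.
bool stringClaim(const std::string& json, const std::string& name, std::string& value) {
    std::size_t p = json.find("\"" + name + "\"");
    if (p != std::string::npos) p = json.find(':', p + name.size() + 2);
    if (p != std::string::npos) p = json.find_first_not_of(" \t\r\n", p + 1);
    if (p == std::string::npos || json[p] != '"') return false;
    const std::size_t end = json.find('"', p + 1);
    if (end == std::string::npos) return false;
    value = json.substr(p + 1, end - p - 1);
    return value.find('\\') == std::string::npos;
}

// Logins key ("cognito-idp.<region>.amazonaws.com/<pool id>") from the iss
// claim, or "" when the JWT is not a user pool ID token (token_use == "id").
// The signature is NOT verified here; the service checks the token on exchange.
std::string loginsKeyFromIdToken(const std::string& jwt) {
    const std::size_t d1 = jwt.find('.');
    const std::size_t d2 = d1 == std::string::npos ? d1 : jwt.find('.', d1 + 1);
    if (d2 == std::string::npos) return "";
    std::string payload, use, iss;
    if (!b64urlDecode(jwt.substr(d1 + 1, d2 - d1 - 1), payload)) return "";
    if (!stringClaim(payload, "token_use", use) || use != "id") return "";
    if (!stringClaim(payload, "iss", iss)) return "";
    const std::string prefix = "https://cognito-idp.";
    if (iss.compare(0, prefix.size(), prefix) != 0) return "";
    return iss.substr(8);  // drop the leading "https://"
}
```

The returned key, paired with the ID token, is the single Logins entry for `GetIdRequest::SetLogins` and for `GetCredentialsForIdentityRequest::SetLogins`; an empty result usually means an access token was passed where the ID token is required.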
