amazon-cognito

问题 I've recently implemented an API Gateway as a proxy with a single proxy endpoint. I'm using Cognito as authorisation mechanism and as long as I have only one user pool everything is fine. What I am trying to achieve is to be able to allow users from different user pools, but in the AWS Console I just seem to be able to select one Cognito mechanism which is only one user pool. Is there a way to allow multiple user pool through another mean ? Is there an alternative best practice for this

问题 In an android app, I receive a JWT access_token from http://<domain>.auth.<region>.amazoncognito.com/login once the user is done authenticating to a Cognito User Pool. That User Pool is linked to a Cognito Identity Pool. What API should I call with that access_token to get an AWSCredentials object. The closest one I found would be AssumeRoleWithWebIdentity, but that is an STS API, and some of what I've read on the web seems to recommend developers not use STS directly but rely on Cognito.

问题 In an android app, I receive a JWT access_token from http://<domain>.auth.<region>.amazoncognito.com/login once the user is done authenticating to a Cognito User Pool. That User Pool is linked to a Cognito Identity Pool. What API should I call with that access_token to get an AWSCredentials object. The closest one I found would be AssumeRoleWithWebIdentity, but that is an STS API, and some of what I've read on the web seems to recommend developers not use STS directly but rely on Cognito.

问题 In an android app, I receive a JWT access_token from http://<domain>.auth.<region>.amazoncognito.com/login once the user is done authenticating to a Cognito User Pool. That User Pool is linked to a Cognito Identity Pool. What API should I call with that access_token to get an AWSCredentials object. The closest one I found would be AssumeRoleWithWebIdentity, but that is an STS API, and some of what I've read on the web seems to recommend developers not use STS directly but rely on Cognito.

问题 I was trying to get my API gateway work with Cognito user pools authorizer but I cannot seem to get it to work. I am not using any SDK as of now. Some details - for Cognito pool, I have setup ID provider as cognito user pool, Oauth flow 'impilicit grant' & scope as 'openid'. Created an app (& domain) with client secret also generated. Email is the only field. - on API gateway I added the same user pool for cognito auth & header as 'Authorization'. No scope was added and no token validation. I

问题 I'm making an android app and have created a user in my user pool with the Amplify framework. The documenation for amplify says that making calls to get/set attributes isn't built yet, so I guess I need to use cognito directly. I now want to set attributes such as name once the user signs up. Right now I have this code, but I'm not sure what to do from here. CognitoUserAttributes attributes = new CognitoUserAttributes(); attributes.addAttribute("testAttribute", "testValue"); Also I'm

问题 This is an issue we found on Github and are having the same issue: We're using serverless and serverless-offline to run lambda locally. We have a local DynamoDB implementation. For Cognito however, serverless-offline mocks the authenticated user and cognitoIdentityId. The mocked user has permission to invoke the lambda but not to pass in the cognitoIdentityId to match what we save in DynamoDB for a user. This may be a serverless-offline problem, and there may be other, better solutions. Or

问题 This is an issue we found on Github and are having the same issue: We're using serverless and serverless-offline to run lambda locally. We have a local DynamoDB implementation. For Cognito however, serverless-offline mocks the authenticated user and cognitoIdentityId. The mocked user has permission to invoke the lambda but not to pass in the cognitoIdentityId to match what we save in DynamoDB for a user. This may be a serverless-offline problem, and there may be other, better solutions. Or

问题 This is an issue we found on Github and are having the same issue: We're using serverless and serverless-offline to run lambda locally. We have a local DynamoDB implementation. For Cognito however, serverless-offline mocks the authenticated user and cognitoIdentityId. The mocked user has permission to invoke the lambda but not to pass in the cognitoIdentityId to match what we save in DynamoDB for a user. This may be a serverless-offline problem, and there may be other, better solutions. Or

问题 UPDATE: Thanks for the help! I've updated the template.yml to include the Authorizer, but I'm getting an error still: HelloWorldApi: Type: AWS::Serverless::Api Properties: StageName: Prod Cors: "'*'" # Auth: # DefaultAuthorizer: MyCognitoAuthorizer # Authorizers: # MyCognitoAuthorizer: # UserPoolArn: arn:aws:cognito-idp:us-east-1:719235216593:userpool/my-user-pool-id HelloWorldFunction: Properties: CodeUri: hello-world/ Handler: app.lambdaHandler Runtime: nodejs10.x Events: HelloWorld: Type: