aws-cognito

问题 In an android app, I receive a JWT access_token from http://<domain>.auth.<region>.amazoncognito.com/login once the user is done authenticating to a Cognito User Pool. That User Pool is linked to a Cognito Identity Pool. What API should I call with that access_token to get an AWSCredentials object. The closest one I found would be AssumeRoleWithWebIdentity, but that is an STS API, and some of what I've read on the web seems to recommend developers not use STS directly but rely on Cognito.

问题 In an android app, I receive a JWT access_token from http://<domain>.auth.<region>.amazoncognito.com/login once the user is done authenticating to a Cognito User Pool. That User Pool is linked to a Cognito Identity Pool. What API should I call with that access_token to get an AWSCredentials object. The closest one I found would be AssumeRoleWithWebIdentity, but that is an STS API, and some of what I've read on the web seems to recommend developers not use STS directly but rely on Cognito.

问题 In an android app, I receive a JWT access_token from http://<domain>.auth.<region>.amazoncognito.com/login once the user is done authenticating to a Cognito User Pool. That User Pool is linked to a Cognito Identity Pool. What API should I call with that access_token to get an AWSCredentials object. The closest one I found would be AssumeRoleWithWebIdentity, but that is an STS API, and some of what I've read on the web seems to recommend developers not use STS directly but rely on Cognito.

问题 I'm trying to build a web app that can be accessed by any user that signs up with facebook. I want to use AWS Cognito to speed up the development for users management. It has to have 3 type of users: Normal users - any user that logs in with facebook Editors - users that have a different access level (IAM role?), they can call a specific AWS Lambda function, that normal users can't call. Administrators - users that can modify the status of normal users to make them editors or admins Can

问题 I'm trying to build a web app that can be accessed by any user that signs up with facebook. I want to use AWS Cognito to speed up the development for users management. It has to have 3 type of users: Normal users - any user that logs in with facebook Editors - users that have a different access level (IAM role?), they can call a specific AWS Lambda function, that normal users can't call. Administrators - users that can modify the status of normal users to make them editors or admins Can

问题 I'm trying to build a web app that can be accessed by any user that signs up with facebook. I want to use AWS Cognito to speed up the development for users management. It has to have 3 type of users: Normal users - any user that logs in with facebook Editors - users that have a different access level (IAM role?), they can call a specific AWS Lambda function, that normal users can't call. Administrators - users that can modify the status of normal users to make them editors or admins Can

问题 I am setting up AD FS to generate metadata for SAML to connect to AWS Cognito User pools. I already generated the xml metadata and uploaded it to the User pool. Should I create Trust relays on AD FS site? Is there any other steps to make my AD users available for web app sign in? 回答1: For ADFS 2.0 here are the steps: Go to “Trust Relationships” -> “Relying Party Trusts” -> “Add relying party trusts”. This will start a wizard. Select the option “Enter data about the relying party manually”.

问题 When I try sign up an user in AWS Cognito this error is returned in response.: But, in my config the email field is an alias.: How can I fix this? 回答1: By that error message, it looks like it's failing because you have email as an alias but have also set given it as your username. I think to get around this, you could either use some temporary, throw away username at first or un-check it as an alias and just use it as both username and an attribute. The former gives you more flexibility to

问题 When I try sign up an user in AWS Cognito this error is returned in response.: But, in my config the email field is an alias.: How can I fix this? 回答1: By that error message, it looks like it's failing because you have email as an alias but have also set given it as your username. I think to get around this, you could either use some temporary, throw away username at first or un-check it as an alias and just use it as both username and an attribute. The former gives you more flexibility to

问题 I have Amazon Cognito user pool with few users added in it. I have added trigger to invoke my Lambda function after Post confirmation. Do we have any trigger in Cognito to invoke the Lambda function after "User Signout" and "Delete User". I did not see any trigger in Cognito. How the lambda function can be invoked automatically after User signout and Delete user. Kindly throw some light on this. 回答1: TL;DR: Can't be done It can't be done automatically because unlike Sign-in/Sign-ups which