Typical application user authentication using AWS

My main question is: what is a typical way to authenticate users with mobile apps? I know that Amazon Cognito is used to synchronize user data as soon as you receive a token, but this token is just a set of access rules, right? Which has nothing to do with a specific user (just the fact that they are an authenticated user as a whole).

But before this is possible, there must be a way to authenticate the username / password that the user has signed up with so that you can get the token. In almost all of the documentation, they use Facebook / Google / etc. as examples of third-party providers, and there is an example of setting up your own third-party provider, but for this, everything requires your own backend to service this.

Assuming there may be many users trying to run the user application and authenticate, doesn't it seem like a bad idea to create a backend somewhere else? And is there a way to integrate this part into AWS so that there is no special work with the backend? How is this usually done?

Side note: I am using the Android SDK at the moment.

Thanks :)

+4
1 answer

AWS Cognito has two different goals. One of them is to synchronize the data as you described in your question. The other is to help manage user IDs and create glue between external identity providers (your own, Facebook, Google, or Amazon) and AWS.

Here is a high-level workflow. Details can be found at http://docs.aws.amazon.com/mobile/sdkforandroid/developerguide/cognito-auth.html

  • Using the AWS Console, create a Cognito Identity Pool

  • IAM Cognito. , , . . AWS .

  • CognitoCredentialsProvider

    CognitoCachingCredentialsProvider credentialsProvider = new CognitoCachingCredentialsProvider(
        myActivity.getContext(), // get the context for the current activity
        "AWS_ACCOUNT_ID",
        "COGNITO_IDENTITY_POOL",
        "arn:aws:iam::AWS_ACCOUNT_ID:role/UNAUTHENTICATED_ROLE",
        "arn:aws:iam::AWS_ACCOUNT_ID:role/AUTHENTICATED_ROLE",
        Regions.US_EAST_1
    );

  1. , , ( Facebook, Google Amazon).

  2. , , Cognito. Cognito SDK AWS, , .

  3. ,

AmazonDynamoDB client = new AmazonDynamoDBClient(credentialsProvider);

AWS. , .

- Cognito (. http://mobile.awsblog.com/post/Tx2FL1QAPDE0UAH/Understanding-Amazon-Cognito-Authentication-Part-2-Developer-Authenticated-Ident)

+4
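The sign-in step of the workflow in the answer above, as an added example (not part of the original answer and not AWS sample code): a small wrapper that hands an identity provider's token to Cognito, exposes the resulting per-user identity ID, and clears cached credentials on sign-out. The class name `CognitoSession`, its method names, and the placeholder account, pool and role values are assumptions; the provider key is the provider's login domain, for example `graph.facebook.com` for Facebook.

```java
import android.content.Context;
import com.amazonaws.auth.CognitoCachingCredentialsProvider;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient;
import java.util.HashMap;
import java.util.Map;

/** Hypothetical helper: one instance per app process. */
public final class CognitoSession {
    private final CognitoCachingCredentialsProvider provider;

    public CognitoSession(Context appContext) {
        // Placeholder values, same shape as in the answer above.
        provider = new CognitoCachingCredentialsProvider(
            appContext,
            "AWS_ACCOUNT_ID",
            "COGNITO_IDENTITY_POOL",
            "arn:aws:iam::AWS_ACCOUNT_ID:role/UNAUTHENTICATED_ROLE",
            "arn:aws:iam::AWS_ACCOUNT_ID:role/AUTHENTICATED_ROLE",
            Regions.US_EAST_1);
    }

    /** Call after the provider's own sign-in flow returns a token. */
    public void onProviderLogin(String providerKey, String token) {
        Map<String, String> logins = new HashMap<String, String>();
        logins.put(providerKey, token);
        provider.setLogins(logins);
        // Exchanges the token for temporary credentials under the
        // authenticated role. Network call: run off the main thread.
        provider.refresh();
    }

    /** Identity ID Cognito assigned to this user (network call on first use). */
    public String identityId() {
        return provider.getIdentityId();
    }

    /** Service clients take the provider and pick up refreshed credentials. */
    public AmazonDynamoDBClient dynamoDb() {
        return new AmazonDynamoDBClient(provider);
    }

    /** On sign-out, drop the cached identity ID and credentials from the device. */
    public void onLogout() {
        provider.clear();
    }
}
```

Without a call to `onProviderLogin`, the provider issues credentials for the unauthenticated role, so the permissions attached to that role should be the minimum the app needs before sign-in.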
