Configure Amazon Cognito user pool like an expert with Bobcares by your side.
Our Support Engineers have come up with different methods to help you configure the Amazon Cognito user pool.
We come across similar queries like these every day as a part of our Server Management Services.
About Amazon Cognito user pool
Setting up an Amazon Cognito user pool as an authorizer in your Amazon API Gateway REST API is easy with our Support Engineers to guide you. In fact, you can accomplish this task via two methods.
- By creating a COGNITO_USER_POOL authorizer
- By creating an AWS Lambda authorizer
In this article, we are going to take a look at creating a COGNITO_USER_POOL authorizer.
Prerequisites for configuring Amazon Cognito user pool
Before we move on to creating a COGNITO_USER_POOL authorizer, verify that the prerequisites are ready:
- An API Gateway REST API resource.
- An Amazon Cognito user pool along with an app client.
How to create a COGNITO_USER_POOLS authorizer
- First, either choose an existing API in API Gateway or create a new API.
- Then, select Authorizers in the main navigation pane under the specific API.
- After that, select Create New Authorizer.
- Next, we will configure the new authorizer to use a user pool as seen below:
- Enter an authorizer name in Name.
- Choose the Cognito option.
- Select a region in the Cognito User Pool section.
- Choose an available user pool
- Then, enter Authorization for Token source.
- Finally, integrate the user pool with the API by choosing Create.
Configure Amazon Cognito user pool: Test the new COGNITO_USERS_POOL authorizer
Once you have created the COGNITO_USER_POOLS authorizer, you can test it with the following steps:
- First, select the Test button under the newly created authorizer in the API Gateway Console.
- Then, enter an ID Token for Authorization in the Test window.
- Next, select Test.
This test will return a 200 response code if the ID token is correct, whereas an incorrect ID token results in a 401 response code.
Configuring COGNITO_USER_POOLS authorizer on an API method
Our Support Engineers are here with four ways to get authorization tokens.
- The hosted web UI for Amazon Cognito
- The AWS CLI
- One of the AWS SDKs
- Postman app
Authorization tokens via hosted web UI for Amazon Cognito
Let’s take a look at how our Support Engineers recommend getting authorization tokens via hosted web UI for Amazon Cognito with Authorization Code Grant Flow:
- First, send an HTTP GET request to URL seen below:
https://<your_domain>/authorize?response_type=code&client_id=<your_app_client_id>&redirect_uri<your_callback_url>
Remember to replace <your_domain> with user pool’s domain name, <your_app_client_id> with user pool’s app client ID and <your_callback_url> with callback URL.
- Next, log into the user pool or federated identity provider. The UI will redirect to the URL mentioned in the callback for the app client.
- After that, send an HTTP POST request to /oauth2/token endpoint.
Let’s take a look at how our Support Engineers recommend getting authorization tokens via hosted web UI for Amazon Cognito with Implicit grant flow:
- First, send an HTTP GET request to this URL:
https:///authorize?response_type=token&client_id= &redirect_uri=
Remember to replace <your_domain> with user pool’s domain name, <your_app_client_id> with user pool’s app client ID and <your_callback_url> with callback URL.
- After that, log into the user pool with the existing user’s username and password. You can also create a new user to log in. You will be redirected to the URL mentioned in the app client’s callback.
Authorization tokens via the AWS CLI
To get authorization tokens using the AWS CLI, run the following command:
aws cognito-idp initiate-auth --auth-flow USER_PASSWORD_AUTH --auth-parameters USERNAME=testuser,PASSWORD=P@ssw0rd --client-id <app client id>
Remember to replace auth-flow, –client-id, and –auth-parameters with the values you are using.
You can also get authorization tokens using Postman via the Oauth 2.0 authorization mode.
[Server Management giving you trouble? We are just a click away.]
Conclusion
At the end of the day, the skilled Support Team at Bobcares demonstrated how to configure Amazon Cognito user pool.
PREVENT YOUR SERVER FROM CRASHING!
Never again lose customers to poor server speed! Let us help you.
Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.
0 Comments