All Articles

Amazon Cognito for Web based Authentication

Amazon Cognito is complete package of authentication, authorization, and user management for web and mobile apps. It’s easy for users to sign in directly with a user name and password, or through a third party such as Facebook, Amazon, or Google.

Let’s first walk through, how to setup Amazon Cognito -

  1. Login to AWS and go to the Cognito Service section.
  2. Select Manage User Pool for this setup and you will have option to Create User Pool.
  3. Provide unique pool name and there you will have two option Review defaults or Step through Settings, I have chosen Step through Settings and for Attributes I have chosen Email to login, keep remaining configuration as default.

  1. Go to Domain Name from sidebar and take amazon cognito domain or you can put your custom domain.

  1. Select App Clients from Sidebar and give app client name, after this it will give you App clientId and App client secret.
  2. Select App Client Settings from Sidebar and fill the details as shown in image, in Callback URL provide a URL name where you want to be redirected after the login.

  1. Clicking on this format link you will see login page https://domain.auth.region.amazoncognito.com/signup?response_type=code&clientid=clientId&redirect_uri=callbackURL. _
    Make sure you are putting correct details for domain, region, clientId and callbackURL.
  2. In this, We haven’t introduced Google or Facebook any other Identity Provider, so our signup page will look like this

  1. Next step, we will introduced How to introduced Google Identity Provider, for this Select **Identity Provider **from sidebar, you will see other options, Choose Google and put clientId and Client Secret generated by Google Console , Make sure that you are allowing amazoncognito.com in **OAuth Consent Screen **and Authorized Redirect URIs is having this access domain, in my case it is https://test-auth.auth.us-west-2.amazoncognito.com/oauth2/idpresponse

  2. Update App Client Setting with Enable Identity Provider for Google

Here is next look of Amzon Cognito Auth with Google Identity Provider


You can reach out to me for any doubt and suggestions.