In which channel can we ask about how to implement...
# helpf
Francis Menguito
05/30/2022, 1:08 PMIn which channel can we ask about how to implement something?
t
thdxr
05/30/2022, 1:08 PMHere is probably fine!
f
Francis Menguito
05/30/2022, 1:23 PM@thdxr is there a way for cognito to create API keys for each of my users? Or do I have to do this manually?
t
thdxr
05/30/2022, 1:24 PMI don't know too much about cognitio
f
Francis Menguito
05/30/2022, 1:25 PM@thdxr haha! ok! Well since we’re in the topic.
I tried to implement this: https://serverless-stack.com/examples/how-to-add-cognito-authentication-to-a-serverless-api.html
Francis Menguito
05/30/2022, 1:25 PMBut I get a
Copy code
{
status: 403,
statusText: 'Forbidden',
data: { message: 'Forbidden' }
}Francis Menguito
05/30/2022, 1:46 PMNvm. Figured it out. Thanks!
a
Adrian Schweizer
05/30/2022, 1:59 PMUsing cognito authorizer for an API is possible, but I'm not completely sure how to do it in SST. Maybe this helps: https://docs.serverless-stack.com/api#jwt-via-cognito-user-pool
Adrian Schweizer
05/30/2022, 2:00 PMHere is a more indepth tutorial: https://serverless-stack.com/examples/how-to-add-jwt-authorization-with-cognito-user-pool-to-a-serverless-api.html
Adrian Schweizer
05/30/2022, 2:05 PMI'm not exactly sure what the difference is between the tutorial you linked and the one above
Adrian Schweizer
05/30/2022, 2:06 PMI thought the IAM way also uses JWT under the hood, but now I'm unsure
f
Francis Menguito
05/30/2022, 2:38 PMThanks @Adrian Schweizer will check this out!
k
Klaus
05/30/2022, 7:12 PM@Francis Menguito Perhaps it's easier to just defer to a different authority (which your users are already using) Cognito supports e.g. Google / Facebook / Apple). A Facebook example was provided today by manitej 😉
f
Francis Menguito
05/31/2022, 1:26 AM@Klaus thanks! Will look into this as well!