https://serverless-stack.com/ logo
#help
Title
# help
f

Francis Menguito

05/30/2022, 1:08 PM
In which channel can we ask about how to implement something?
t

thdxr

05/30/2022, 1:08 PM
Here is probably fine!
f

Francis Menguito

05/30/2022, 1:23 PM
@thdxr is there a way for cognito to create API keys for each of my users? Or do I have to do this manually?
t

thdxr

05/30/2022, 1:24 PM
I don't know too much about cognitio
f

Francis Menguito

05/30/2022, 1:25 PM
@thdxr haha! ok! Well since we’re in the topic. I tried to implement this: https://serverless-stack.com/examples/how-to-add-cognito-authentication-to-a-serverless-api.html
But I get a
Copy code
{
  status: 403,
  statusText: 'Forbidden',
  data: { message: 'Forbidden' }
}
Nvm. Figured it out. Thanks!
a

Adrian Schweizer

05/30/2022, 1:59 PM
Using cognito authorizer for an API is possible, but I'm not completely sure how to do it in SST. Maybe this helps: https://docs.serverless-stack.com/api#jwt-via-cognito-user-pool
I'm not exactly sure what the difference is between the tutorial you linked and the one above
I thought the IAM way also uses JWT under the hood, but now I'm unsure
f

Francis Menguito

05/30/2022, 2:38 PM
Thanks @Adrian Schweizer will check this out!
k

Klaus

05/30/2022, 7:12 PM
@Francis Menguito Perhaps it's easier to just defer to a different authority (which your users are already using) Cognito supports e.g. Google / Facebook / Apple). A Facebook example was provided today by manitej 😉
f

Francis Menguito

05/31/2022, 1:26 AM
@Klaus thanks! Will look into this as well!