Hi, I'm following the guide on using Cognito for u...
# help
Hi, I'm following the guide on using Cognito for user authentication (https://serverless-stack.com/chapters/using-cognito-to-add-authentication-to-a-serverless-app.html) but I would like to avoid using AWS Amplify. One solution would be to log in users through an HTTP API and use, for example, a JWT to authenticate calls to API endpoints that I want to be accessible only to registered users. Unfortunately, however, I have not found any resources on how to manage Cognito users on the server side, any help would be appreciated, thanks.
The amazon-cognito-identity-js library can be used in your webapp. It's been swallowed up by the Amplify repository, but the library may be used independent from anything Amplify.
In SST, you build a Cognito user pool, a user pool client, and set your APIs for JWT authentication.
Thanks but my goal is to be able to authenticate users with a simple HTTP call to an API, as independently as possible from external libraries
I guess you get to implement the whole exchange yourself then, as described here , using the SDK for your Lambda language starting with this API.
Thanks @Adam Fanello!
@Riccardo Brero do you mean user passing in a username and password to the a public API, and u authenticate them and issue a JWT token?
That sounds like a lot of work. Might be better off using amazon-cognito-identity-js like Adam suggest.