Hi I m following the guide on using Cognito for user authent Serverless Stack #help

Hi, I'm following the guide on using Cognito for u...

Riccardo Brero

02/18/2022, 6:31 PM

Hi, I'm following the guide on using Cognito for user authentication (https://serverless-stack.com/chapters/using-cognito-to-add-authentication-to-a-serverless-app.html) but I would like to avoid using AWS Amplify. One solution would be to log in users through an HTTP API and use, for example, a JWT to authenticate calls to API endpoints that I want to be accessible only to registered users. Unfortunately, however, I have not found any resources on how to manage Cognito users on the server side, any help would be appreciated, thanks.

Adam Fanello

02/18/2022, 6:43 PM

The amazon-cognito-identity-js library can be used in your webapp. It's been swallowed up by the Amplify repository, but the library may be used independent from anything Amplify.

Adam Fanello

02/18/2022, 6:45 PM

In SST, you build a Cognito user pool, a user pool client, and set your APIs for JWT authentication.

Riccardo Brero

02/18/2022, 7:04 PM

Thanks but my goal is to be able to authenticate users with a simple HTTP call to an API, as independently as possible from external libraries

Adam Fanello

02/18/2022, 7:13 PM

I guess you get to implement the whole exchange yourself then, as described here , using the SDK for your Lambda language starting with this API.

Frank

02/18/2022, 9:23 PM

Thanks @Adam Fanello!

Frank

02/18/2022, 9:25 PM

@Riccardo Brero do you mean user passing in a username and password to the a public API, and u authenticate them and issue a JWT token?

Frank

02/18/2022, 9:25 PM

That sounds like a lot of work. Might be better off using amazon-cognito-identity-js like Adam suggest.

Open in Slack

Previous Next