AWS Cognito with existing user management

0

Hi, currently I have a built-in user management service for my React-based apps (Spring Boot backend microservices). Because of Cognito 2FA, OAuth2 and some other features we would like to use Cognito. But I am not sure if it is going to create more problems along the way for the existing project. Is it possible to use Cognito and existing user management together without fully transferring into Cognito? Thanks

ozy
asked a year ago, 701 views
2 Answers
0

Greetings,

Yes, it is possible to use Cognito alongside an existing user management system without fully transitioning to Cognito. Cognito provides a number of features such as user sign-up and sign-in, multi-factor authentication (MFA), and OAuth 2.0 support that can be used to enhance the security and functionality of your application.

One approach you could consider is to use Cognito to handle certain authentication and authorization tasks, while continuing to use your existing user management system for other tasks. For example, you could use Cognito for user registration, sign-in, and MFA, while using your existing system for tasks such as user profile management and access control.

To enable this approach, you can use Cognito's user pool and identity pool features. A user pool is a user directory in Cognito that can be used to manage user registration, sign-in, and MFA. An identity pool is a service that provides temporary AWS credentials to grant access to AWS services and resources. You can configure your user pool to work with your existing user management system, and use the identity pool to authorize access to AWS services.

In summary, it is possible to use Cognito alongside an existing user management system, and to selectively use Cognito features to enhance the security and functionality of your application. However, it is important to carefully plan and implement the integration to ensure that it meets your security and functionality requirements. Please let me know if that answered your question.

AWS
EXPERT
ZJon
answered a year ago
  • Thanks Zokir, so can I keep my existing registration/sign-in service but only use MFA from Cognito? Do I need to duplicate my user profile (user pool) on AWS?

  • Greetings, Yes, you can keep your existing registration/sign-in service and use MFA from Cognito. To achieve this, you can configure Cognito as an additional identity provider in your existing application, and enable MFA for Cognito users. This way, users can still use your existing registration/sign-in service, but will be required to authenticate with Cognito's MFA mechanism when accessing certain sensitive resources.

    As for user profiles, you do not necessarily need to duplicate your user pool on AWS. Instead, you can use your existing user management system as the primary source of user profiles and sync these profiles to Cognito. This can be achieved using Cognito's User Migration Lambda trigger, which allows you to write custom code to migrate user profiles from your existing system to Cognito. With this approach, you can continue to use your existing user profiles while taking advantage of Cognito's MFA feature.

    Alternatively, if you do not want to migrate user profiles to Cognito, you can use Cognito as a standalone user pool and manage user profiles exclusively in Cognito. In this case, users would need to register and authenticate with Cognito, and their profiles would be stored in Cognito's user pool. However, you would need to ensure that any relevant user profile data is synchronized between your existing system and Cognito.

  • Did I answer your question?

  • Please let me know if I answered your question.

0

Greetings, Yes, you can keep your existing registration/sign-in service and use MFA from Cognito. To achieve this, you can configure Cognito as an additional identity provider in your existing application, and enable MFA for Cognito users. This way, users can still use your existing registration/sign-in service, but will be required to authenticate with Cognito's MFA mechanism when accessing certain sensitive resources.

As for user profiles, you do not necessarily need to duplicate your user pool on AWS. Instead, you can use your existing user management system as the primary source of user profiles and sync these profiles to Cognito. This can be achieved using Cognito's User Migration Lambda trigger, which allows you to write custom code to migrate user profiles from your existing system to Cognito. With this approach, you can continue to use your existing user profiles while taking advantage of Cognito's MFA feature.

Alternatively, if you do not want to migrate user profiles to Cognito, you can use Cognito as a standalone user pool and manage user profiles exclusively in Cognito. In this case, users would need to register and authenticate with Cognito, and their profiles would be stored in Cognito's user pool. However, you would need to ensure that any relevant user profile data is synchronized between your existing system and Cognito.

AWS
EXPERT
ZJon
answered a year ago
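
A sketch of the User Migration Lambda trigger mentioned in the answers above, added here as an example (not code from the original posts or from AWS). Cognito invokes this trigger when a user who is not yet in the user pool signs in with a password or starts a forgot-password flow; `LEGACY_USERS`, `find_user`, `password_ok` and the PBKDF2 hashing are constructed stand-ins for the existing user service.

```python
import hashlib
import hmac

_SALT = b"constructed-salt"  # constructed; a real store keeps a per-user salt

def _hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 10_000)

# Constructed sample of the existing user store (assumption for this example).
LEGACY_USERS = {
    "alice@example.com": {"pw": _hash("correct horse"), "email_verified": True},
    "bob@example.com": {"pw": _hash("hunter2-long"), "email_verified": False},
}

def find_user(username):
    return LEGACY_USERS.get(username.lower())

def password_ok(user, password):
    # Reject a missing password outright, then compare digests in constant time.
    return isinstance(password, str) and hmac.compare_digest(user["pw"], _hash(password))

def lambda_handler(event, context):
    source = event["triggerSource"]
    user = find_user(event["userName"])
    if source == "UserMigration_Authentication":
        # Sign-in by a user not yet in the pool: verify against the legacy store.
        if user is None or not password_ok(user, event["request"].get("password")):
            raise Exception("Bad credentials")  # same error for both failure cases
        # CONFIRMED lets the user keep the legacy password instead of resetting it.
        event["response"]["finalUserStatus"] = "CONFIRMED"
    elif source == "UserMigration_ForgotPassword":
        # No password is supplied in this flow; only confirm the account exists.
        if user is None:
            raise Exception("Bad credentials")
    else:
        raise Exception("Unsupported trigger source")
    event["response"]["userAttributes"] = {
        "email": event["userName"].lower(),
        # Carry over the legacy verification state; never upgrade it here.
        "email_verified": "true" if user["email_verified"] else "false",
    }
    event["response"]["messageAction"] = "SUPPRESS"  # no welcome message on import
    return event
```

The trigger only receives the password when the app client signs in with the `USER_PASSWORD_AUTH` (or `ADMIN_USER_PASSWORD_AUTH`) flow, so migration sign-ins cannot use SRP.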
