I'm investigating a similar approach to this question on using a custom IdP / authentication process. One thing that isn't clear from the docs is whether the CreateStreamingURL flag for the UserID also propagates through to the persistent storage via S3.
The workflow that I would like is:
- User logs into my application, and permissions are checked. All authn/authz logic contained here.
- Application uses an AWS service account to call CreateStreamingURL, with e.g. UserID=user1@example.com and UserID=user2@example.com.
- Application gives user1 -> url1 and user2 -> url2, such that these sessions are isolated.
- Next day, user1 logs in again and gets url1_new, and should be able to see whatever settings / persistence as per the previous session.
Is my understanding of the UserID parameter correct?