Cognito authentication with no keys

0

I'm in a fairly unique situation ( I think ). I'm trying to use Cognito to authenticate users to get an access token so I can make API calls to a third party's cloud database, BUT the only info I have is region, client ID, userpool ID, username and password. The users in this pool are managed by the third party who are using Cognito as their IdP. For various reasons I need to do this using PHP. I have looked through a ton of documentation and everything I see indicates that I need valid access and secret key to make the necessary calls. So, my question is: Is it possible to generate an access token with the info I have?

preguntada hace 5 meses328 visualizaciones
1 Respuesta
0

It sounds like they may be using a Public client in Amazon Cognito, see App Client Types, in which case you can initiate the authorization flow with just the client ID.

The details of implementing authorization code flow can be found in the Open ID Connect (OIDC) Authorization Code Flow documentation. Typically you would use an (OIDC) library to handle the authentication flow, I don't have a personal recommendation for PHP.

One thing to note - typically you would use a Confidential Client for a server side application like PHP. Is it possible to ask them to create you a Confidential client instead of a Public client? In that case they would provide you with the same information, but also provide a client secret which you would add to the request in the auth flow.

AWS
respondido hace 4 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas