Authorization code flow with custom UI and Cognito

3

Is there a way to do authorization code flow with Cognito and custom login UI? We want to allow our users to login with Cognito with authorization code flow, but the Cognito native UI does not satisfy our needs, so we need to use our own custom UI. I looked through a lot of Cognito docs but could not find any info about this. I know that this can be achieved by using the POST /login endpoint ( the same endpoint on which the form is submitted in Cognito UI ), but since this is not part of Cognito official documentation there is no guarantee that using this endpoint is safe and that it won't change in the future. So, the question is there any other way to do this? If not, does the Cognito team intend to add support for this in the near future, as I think that a lot of people have a need for something like this ( based on threads that I've read ).

Edited by: sasajankovic on Jan 18, 2021 11:24 AM

Edited by: sasajankovic on Jan 18, 2021 11:26 AM

質問済み 4年前1705ビュー
3回答
3

Hello @sarthak-AWS,

I know this is a long shot, but can you now give me an ETA of this feature request? Can we expect this to be done in the next six months or this calendar year?

回答済み 4年前
  • Is it possible now to have custom UI for Authorization Code Grant OAuth flow? I have custom flow with lambda triggers for password less authentication..Its a fantastic UX. But, when I have to use Cognito as OIDC for a third party app... it redirects to HOSTED UI which supports only userid/password flow :(

1
承認された回答

Hello,

The Authorization Code Grant OAuth flow is intended to be used with the HostedUI and the OAuth endpoints. Therefore, the standard Cognito API's, for example 'InitiateAuth' does not provide you with this functionality.

It is not recommended to build a custom login UI that provides all the features of the Hosted UI. The OAuth flows and the HostedUI features should be handled directly by the Cognito HostedUI itself. The reason for this is that the service team may change the internal workings of the HostedUI which may break custom solutions without any prior warning.

Further, we would like to let you know that the ability to engage in the OAuth flows without the use of the HostedUI is currently a feature request with the Cognito team. That being said, we will not be able to provide an ETA on when these features will be implemented.

We kindly request you to keep an eye on AWS what’s new[1] page and AWS blogs[2] to get information regarding the updates on the above.

[1] https://aws.amazon.com/new/
[2] https://aws.amazon.com/blogs/aws/

AWS
回答済み 4年前
profile picture
エキスパート
レビュー済み 4ヶ月前
profile picture
エキスパート
レビュー済み 1年前
  • Is there any update after 2 years on this feature for SDK? Thx

0

Hi there, Any news on this? Thanks

profile picture
回答済み 5ヶ月前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ