Cognito authentication with no keys

0

I'm in a fairly unique situation ( I think ). I'm trying to use Cognito to authenticate users to get an access token so I can make API calls to a third party's cloud database, BUT the only info I have is region, client ID, userpool ID, username and password. The users in this pool are managed by the third party who are using Cognito as their IdP. For various reasons I need to do this using PHP. I have looked through a ton of documentation and everything I see indicates that I need valid access and secret key to make the necessary calls. So, my question is: Is it possible to generate an access token with the info I have?

1回答
0

It sounds like they may be using a Public client in Amazon Cognito, see App Client Types, in which case you can initiate the authorization flow with just the client ID.

The details of implementing authorization code flow can be found in the Open ID Connect (OIDC) Authorization Code Flow documentation. Typically you would use an (OIDC) library to handle the authentication flow, I don't have a personal recommendation for PHP.

One thing to note - typically you would use a Confidential Client for a server side application like PHP. Is it possible to ask them to create you a Confidential client instead of a Public client? In that case they would provide you with the same information, but also provide a client secret which you would add to the request in the auth flow.

AWS
回答済み 4ヶ月前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ