By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Authorization code flow with custom UI and Cognito

2

Is there a way to do authorization code flow with Cognito and custom login UI? We want to allow our users to login with Cognito with authorization code flow, but the Cognito native UI does not satisfy our needs, so we need to use our own custom UI. I looked through a lot of Cognito docs but could not find any info about this. I know that this can be achieved by using the POST /login endpoint ( the same endpoint on which the form is submitted in Cognito UI ), but since this is not part of Cognito official documentation there is no guarantee that using this endpoint is safe and that it won't change in the future. So, the question is there any other way to do this? If not, does the Cognito team intend to add support for this in the near future, as I think that a lot of people have a need for something like this ( based on threads that I've read ).

Edited by: sasajankovic on Jan 18, 2021 11:24 AM

Edited by: sasajankovic on Jan 18, 2021 11:26 AM

Topics
Security, Identity, & Compliance
Tags
Amazon Cognito
Language
English
sasajankovic
asked 3 years ago1384 views
2 Answers
2

Hello @sarthak-AWS,

I know this is a long shot, but can you now give me an ETA of this feature request? Can we expect this to be done in the next six months or this calendar year?

sasajankovic
answered 3 years ago
  • rePost-User-5761784
    a year ago

    Is it possible now to have custom UI for Authorization Code Grant OAuth flow? I have custom flow with lambda triggers for password less authentication..Its a fantastic UX. But, when I have to use Cognito as OIDC for a third party app... it redirects to HOSTED UI which supports only userid/password flow :(

0
Accepted Answer

Hello,

The Authorization Code Grant OAuth flow is intended to be used with the HostedUI and the OAuth endpoints. Therefore, the standard Cognito API's, for example 'InitiateAuth' does not provide you with this functionality.

It is not recommended to build a custom login UI that provides all the features of the Hosted UI. The OAuth flows and the HostedUI features should be handled directly by the Cognito HostedUI itself. The reason for this is that the service team may change the internal workings of the HostedUI which may break custom solutions without any prior warning.

Further, we would like to let you know that the ability to engage in the OAuth flows without the use of the HostedUI is currently a feature request with the Cognito team. That being said, we will not be able to provide an ETA on when these features will be implemented.

We kindly request you to keep an eye on AWS what’s new[1] page and AWS blogs[2] to get information regarding the updates on the above.

[1] https://aws.amazon.com/new/
[2] https://aws.amazon.com/blogs/aws/

AWS
AWS-User-9460217
answered 3 years ago
profile picture
EXPERT
Sedat Salman
reviewed a year ago
  • Dalibor
    a year ago

    Is there any update after 2 years on this feature for SDK? Thx

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content