Cognito Hosted UI, using code flow and refresh with an SDK?

1

I have setup the hosted Cognito sign-in UI using the authorisation code flow (and a user pool) with a redirect to a simple html/JS/CSS website app. I have played successfully with using the auth code thats returned on redirect and making calls to get the access token and refresh etc, though rather crude JS code of mine. However I have been trying to figure out if I can use a Cogntio JS SDK that would help me implement some of these tasks without having to use my own JS code, specifically around refresh to check the user is signed in (currently on page refresh I have issues), sign-out, validation and also a secure way to save JWT tokens on browser side.

As part of my web application I am using API gateway and Lambda using JWT authoriser to provide backend logic/services. This works well.

Any help/advice would be appreciated.

asked 2 years ago1176 views
2 Answers
0

Amplify Auth might help, you can configure so the auth information stored in the cookie. Amplify Auth handle some tasks for you, you see redirect link with response code, then somehow Amplify Auth exchange the code for auth information, and store it into cookie if you setup

  1. Amplify and Cognito Hosted UI https://docs.amplify.aws/lib/auth/social/q/platform/js/

  2. Amplify Auth Client Configuration https://docs.amplify.aws/lib/client-configuration/configuring-amplify-categories/q/platform/js/#top-level-configuration

hai
answered 2 years ago
-1

There's a community create library called Amazon Cognito Identity SDK for JavaScript, did you tried using that?

Just be aware that store JWT directly in the browser is not secure, you will need yo use a cookie with a HttpOnly only flag.

I know your answer is concerning the Cognito Hosted UI, but you tried to see if your web application could leverage AWS Amplify Auth? It uses Cognito and has a lot of helpers built-in and if you are using a specific framework simple ways to customize your own UI.

profile pictureAWS
answered 2 years ago
  • Thank you Ibrahim. I will have a look at AWS Amplify. Appreciated.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions